User Resolution Settings


Identification Server

An identification server helps track who is logged in to each computer on your network.

Identification Server:

It is highly recommended that user identification be enabled so that the policies function as well as possible.


Advanced Settings

These settings should not normally be changed, but are available for advanced fine tuning.


This option enables LTDP (Security Agent) logon queries. If enabled it will query client PCs on UDP port 1305 for the currently logged-in user and related information. NOTE: It may also perform a “legacy” LTDP query.

This option enables TTC to use WMI to look up usernames. This method is problematic in that it may invoke error messages on the client workstations as well as the TTC server when it fails. It also has a problem with Terminal Server machines in that it can return the incorrect username.

This option invokes a DNS query for each lookup that simply attempts to resolve the IP to a machine name.

This option controls the remote registry lookup on the client PC. This lookup only works if the client PCs have remote registry services enabled.

This option controls the Microsoft SMB/NBT port “knocking” that we do before we attempt to use any NetApi call. We knock on the client’s TCP ports 135 and 445 in order to determine if it will be available for use in later NetApi calls.
NOTE: This feature is required for the Registry and WMI lookups to work. If you disable this option, then those are also implicitly disabled.

This option controls the raw NetBIOS lookups performed against each client PC. If NetBIOS has been disabled on the client PCs this lookup will fail. It could also be hampered by having more than one NIC with the MS TCP/IP stack enabled, or when the clients are on the other side of a router.

If enabled, this option will create a log file that details the user resolution process. It will create (or append to) a file named “IpmUserLookup.log” in the installation folder.
NOTE: The log file can grow extremely large! Only set this option when you are willing to keep a close eye on the server and the log file.

This option controls the “legacy” (v5.03) LTDP (SA) user lookup requests. This method is only attempted if the original LTDP request failed and the client PC did not return the ICMP message. Enable only if you have v5.03 SA client PCs still on the network.

User Lookup Stale Time (secs)
A “stale” entry in the cache is defined as one that has not been requested during this time period. So, if a user is resolved for an IP address but no lookup is then requested for 15 minutes (by default), the entry is stale and is purged from the cache. 60 seconds is the minimum time for this value.

User Lookup Refresh Time (secs)
This value defines the time after which a current (non-stale) entry in the cache will be refreshed (looked-up again). 30 seconds is the minimum time for this value.
NOTE: It may be as much as 60 seconds + the value before the IP address is actually requeued for lookup. This is because the thread in charge of housekeeping and requeuing entries has a 1 minute timer that must elapse first.

User Lookup Bad IP Time (secs)
This value defines how long we wait before attempting another resolution on a PC that failed to respond to any of our lookup requests. Set to 0 to disable this feature (it will look up the IP address every time it is asked) or set to another value in seconds.
NOTE: If “Winsock” (DNS) lookups are enabled, then a DNS query response is marked as a valid response and does not mark the IP address as “bad”.
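
The following is an added illustration, not the product's code: a simplified Python model of how the stale, refresh and bad-IP timers described above interact with the 1-minute housekeeping timer. The class, method and field names are hypothetical, and the default refresh and bad-IP values are constructed samples (only the 15-minute stale default comes from the text).

```python
# Added illustration: simplified model of the user lookup cache timers.
# All names are hypothetical; this is not the product's implementation.


class UserLookupCache:
    def __init__(self, stale_time=900, refresh_time=300, bad_ip_time=120):
        # Enforce the documented minimums (60 s stale, 30 s refresh).
        self.stale_time = max(stale_time, 60)
        self.refresh_time = max(refresh_time, 30)
        self.bad_ip_time = bad_ip_time      # 0 = retry on every request
        self.entries = {}   # ip -> {"user", "asked", "resolved"}
        self.bad = {}       # ip -> time of the last failed lookup
        self.queue = []     # IPs waiting for a lookup worker thread

    def request(self, ip, now):
        """A lookup is requested for ip; return the cached user or None."""
        entry = self.entries.get(ip)
        if entry:
            entry["asked"] = now            # being asked keeps it non-stale
            return entry["user"]
        failed_at = self.bad.get(ip)
        if (failed_at is not None and self.bad_ip_time
                and now - failed_at < self.bad_ip_time):
            return None                     # still "bad": do not retry yet
        if ip not in self.queue:
            self.queue.append(ip)
        return None

    def complete(self, ip, user, now):
        """A worker finished; user is None when no method got a response."""
        if ip in self.queue:
            self.queue.remove(ip)
        if user is None:
            self.bad[ip] = now
            return
        self.bad.pop(ip, None)
        asked = self.entries.get(ip, {}).get("asked", now)
        self.entries[ip] = {"user": user, "asked": asked, "resolved": now}

    def housekeeping(self, now):
        """Called once per minute: purge stale entries, requeue due ones."""
        for ip, e in list(self.entries.items()):
            if now - e["asked"] >= self.stale_time:
                del self.entries[ip]        # stale: nobody asked for it
            elif now - e["resolved"] >= self.refresh_time and ip not in self.queue:
                self.queue.append(ip)       # due for a refresh lookup
```

With a 30-second refresh time, an entry resolved just after one housekeeping pass is not requeued until the pass a minute later, which is the "60 seconds + the value" delay the note describes.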

LTDP Lookup Timeout (secs)
This option controls how long we wait for a client PC to respond to our LTDP (SA) user lookup request. Normally, when the UDP packet is sent, a client without the SA installed will immediately respond with an ICMP Host Unreachable/Port Unreachable message; however, if there is a firewall on the client or between the TTC server and the client, this response may not be returned. Setting this value lower may help stop requests from being queued too long. 1 second is the minimum time for this value.

Lookup Worker Threads
This option controls how many concurrent threads are actively performing user lookup requests. Under most operating conditions 15 will be sufficient, however, in heavily used networks with several thousand client PCs you may want to increase this number. The minimum value for this is 5 and the maximum is 50.