How to fix the issue, if you get alerts about "Usermap data is stale" on Email security device.

Description

How to fix the issue, if you get alerts about "Usermap data is stale" on Email security device.

Resolution

Question:

How to fix the issue, if you get alert about "Usermap data is stale" on Email security device.

Answer:

  • When you configure the LDAP server, it pulls users/groups information from your LDAP server and stores that information on the usermap.xml file. This is an important file to keep updated for several reasons, but most importantly if you are using DHA Protection.
  • DHA checks against usermap.xml file and treat an email as DHA if the recipients email is not found on the usermap.xml file. ( specially in case of new user addition on LDAP server or modification to existing users.)
  • This alert indicates your Usermap.xml file has not been updated recently. By default, Usermap.xml is updated once an hour.
  • You can configure the Usermap update interval (Usermap frequency) in the global configuration of LDAP configuration page.

To manually update the Usermap file you have follow the steps as mentioned below:

Step 1. Go to Manage | System Setup | Server | LDAP configuration page.

Step 2. Click on the server name, config page will open up,
Image Changes" on that page (even if you have not done any changes, this will trigger the ES to fetch new data from your LDAP server).

ImageUsers, Groups & Organizations | Users , click on "Refresh Users & Groups" button.

ImageRestart Services" (this process will update the Usermap file once the services comes back up)

Imageusermap data is stale"

Note: If saving your current LDAP configuration was unsuccessful, please make sure the following configuration are in place or working:

  • The login credential to LDAP is correct.
  • LDAP server is reachable from ES server.
  • The LDAP port is configured correctly.
  • LDAP query panel is configured correctly.

NOTE: If the navigation or the screenshot looks different from the one mentioned above , you may be in an older firmware version and would require a firmware upgrade. Please refer the link below to upgrade the firmware to latest version.

https://www.sonicwall.com/en-us/support/knowledge-base/170504270079039

 

Related Articles

  • Invalid SFP Connected warning on SonicWall firewall when using supported 10G SFP+ Module
    Read More
  • How to exclude the domain from DHA scanning?
    Read More
  • Email Security: How to download the Outlook Junk Tool?
    Read More

Categories

Email Security
Email Security Appliance
Email Security
Email Security Software
Email Security
Hosted Email Security
not finding your answers?
Ask the Community