
Viewing Identity Mapping Information

When you enable the Identity Mapping feature on the appliance, you can view user information associated with networks, end-host devices, Active Directory domains, routers, and switches. Access to user information related to networks and devices helps network administrators understand how network resources are consumed and by whom. Each mapped network user can use different devices to access their network environment, so using the Identity Mapping feature and synchronizing servers, such as Microsoft servers and Cisco ISEs, on the Infoblox appliance provides visibility into user interaction with their environments. By enabling this feature, you can monitor domain users, the IP addresses they log on to, the login status, and the time duration of their current status in the IPAM tab. For information about Identity Mapping for Active Directory users, see Configuring Identity Mapping; for information about how to collect user and device information from Cisco ISEs, see Configuring Cisco ISE on NIOS. You can generate the user login history report to monitor user login activities in a given time frame. For information, see User Login History Report.
You can do the following in the Network Users tab:

  • View active network users, as described in Viewing Active Network Users below.

  • View user login history, as described in Viewing Network Users Login History below.

Enabling Identity Mapping

You must first enable the Identity Mapping feature to view user information of a network or device. Complete the following to enable this feature:

  1. From the Grid tab, select the Grid Manager tab, and then select Grid Properties -> Edit from the Toolbar.

  2. In the Grid Properties Editor, select the General tab -> Advanced tab, and then complete the following:

    • Enable Network Users feature: Select this checkbox to enable the Identity Mapping feature on the appliance. Note that the Network Users tab is available only after you enable this feature.

      Note: On an Infoblox appliance, the Enable Network Users Feature option is disabled by default for all new installations.

  3. Save the configuration.

Viewing Active Network Users

You can view all the users who are currently active on a network in the Active Users tab. Using the Action icon, you can do the following in the Active Users tab:

  • Go To IPAM IP Address Details: Select this to open the IPAM Home page to view the network address of the device. This option is greyed out for devices whose IP address is not part of an IPAM network.

  • Go To DHCP Network Details: Select this to open the DHCP > Networks tab to view the network address of the device. This option is greyed out for devices that have an IP address and are not managed by the Grid.

  • Go To IPAM Network Details: Select this to open the IPAM Map for the selected user. The page shows network information in graphical format. This option is greyed out for devices that have an IP address and are not managed by the Grid.

To view active users:

  1. From the Data Management tab, select the Network Users tab > Active Users tab.
    or
    You can use the Action icon in the following tabs to open the Active Users dialog box:

    • IPAM tab: From the Data Management tab, select the IPAM tab, click the Action icon next to the respective network and select Show Active Users.

    • DHCP tab: From the Data Management tab, select the DHCP tab > Networks tab, click the Action icon next to the respective network and select Show Active Users.

    • Cloud tab:

      • In the Networks tab, click the Action icon next to the respective network and select Show Active Users.

      • In the VMs tab, click the Action icon and select Show Active Users.

    • DNS tab: From the Data Management tab, select the DNS tab > Zones tab > Records tab, click the Action icon and select Show Active Users.

    The Active Users tab or Active Users dialog box displays the following information:

  • User Name: Displays the logon name of the user. When the same user logs in to the domain from multiple clients, an entry for each IP address is displayed separately. If multiple users log in to the same domain, an entry for each user is listed separately.

  • Domain: The name of the domain.

  • First Seen: The timestamp when the user logged in to the network for the first time.

  • IP Address: The IP address of the client.

  • Data Source: The IP address of the Microsoft server or the API method.

  • Data Source IP Address: Displays the source from which the data is collected. It can be Cisco ISE, Microsoft server or the API method.

  • Last Seen: The timestamp when the user was last seen accessing the network.

  • Last updated: Displays the timestamp when the user information was last updated.

Viewing Network Users Login History

You can view the login history of end-host devices, networks, and Active Directory domain users. You must first enable the Identity Mapping feature to view user login information. For information about enabling the Identity Mapping feature, see Enabling Identity Mapping above.
To view network user login history:

  1. From the Data Management tab, select the Network Users tab -> User History tab. Grid Manager displays the following information:

    • User Name: The logon name of the user. When the same user logs in to the Active Directory domain from multiple clients, an entry for each IP address is displayed separately. If multiple users log in to the same Active Directory domain, an entry for each user is listed separately.

    • Domain: Name of the Active Directory domain.

    • First Seen: The timestamp when the user logged in to the Active Directory domain for the first time.

    • Log Out Time: Displays the log out time of the user.

    • IP Address: The IP address of the client.

    • Data Source: The IP address of the Microsoft server or the API method.

    • Status: Displays the status of the user. The status can be one of the following: Active (logged in), Logged Out, and Timed Out.

      • Active: The user is logged in and active.

      • Logged Out: The user has logged out of the system.

      • Timed Out: The user is logged in but has been idle for a certain period of time. The default is two hours. You can configure this time interval, as described in Configuring Active User Timeout Session below.

    • Last Seen: The timestamp when the user was last seen accessing the network.

    • Last updated: The timestamp when the user information was last updated.

Configuring Active User Timeout Session

You can configure the amount of time after which an active user session changes to timed out. When the idle session time is reached, the user status changes to inactive. The default idle time is 2 hours. You can specify it in minutes, hours, or days. The user status can be one of the following: Active, Logged Out, and Timed Out.
To configure active user timeout interval:

  1. From the Grid tab -> Grid Manager tab, expand the Toolbar and click Grid Properties -> Edit.

  2. Select the Microsoft Integration tab in the Grid Properties Editor and complete the following in the Basic tab:

    • Assumed Network Users Time Out: Specify the time period after which the user status changes to Timed Out. Select the time period in minutes, hours, or days from the drop-down list.

  3. Save the configuration.
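
The following added example (not Infoblox code) models the three status values and the idle timeout described above, and uses the one-entry-per-IP behavior of the user list to report users who are Active on more than one client at once. The row layout, timestamp format, sample values, and function names are assumptions made for illustration; only the column names and the two-hour default come from this page.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Default idle interval stated on this page; configurable in Grid Properties.
DEFAULT_TIMEOUT = timedelta(hours=2)
FMT = "%Y-%m-%d %H:%M"  # assumed timestamp format, not an appliance format

# Constructed sample rows keyed by the User History column names.
SAMPLE_ROWS = [
    {"User Name": "alice", "Domain": "corp.example", "IP Address": "10.0.0.5",
     "Last Seen": "2024-05-01 09:30", "Log Out Time": ""},
    {"User Name": "alice", "Domain": "corp.example", "IP Address": "10.0.9.77",
     "Last Seen": "2024-05-01 09:45", "Log Out Time": ""},
    {"User Name": "bob", "Domain": "corp.example", "IP Address": "10.0.0.8",
     "Last Seen": "2024-05-01 06:00", "Log Out Time": ""},
    {"User Name": "carol", "Domain": "corp.example", "IP Address": "10.0.0.9",
     "Last Seen": "2024-05-01 08:00", "Log Out Time": "2024-05-01 08:05"},
]


def session_status(row, now, timeout=DEFAULT_TIMEOUT):
    """Return Active, Logged Out or Timed Out for one history row."""
    if row["Log Out Time"]:
        return "Logged Out"
    idle = now - datetime.strptime(row["Last Seen"], FMT)
    # Idle longer than the configured interval counts as Timed Out.
    return "Timed Out" if idle > timeout else "Active"


def users_active_on_multiple_ips(rows, now, timeout=DEFAULT_TIMEOUT):
    """Map (domain, user) to sorted IPs for users Active on more than one IP."""
    ips = defaultdict(set)
    for row in rows:
        if session_status(row, now, timeout) == "Active":
            ips[(row["Domain"], row["User Name"])].add(row["IP Address"])
    return {key: sorted(v) for key, v in ips.items() if len(v) > 1}


if __name__ == "__main__":
    now = datetime(2024, 5, 1, 10, 0)
    for row in SAMPLE_ROWS:
        print(row["User Name"], row["IP Address"], session_status(row, now))
    print(users_active_on_multiple_ips(SAMPLE_ROWS, now))
```

Shortening the timeout moves idle sessions from Active to Timed Out, which also shrinks the set of users reported as concurrently active on several addresses.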