j-gray 35 Posted April 28, 2022 Share Posted April 28, 2022 It looks like every day, EEI creates a task in EP Console for user synchronization. Every day the task fails with "User with same name already exists in target user group" 'User Creation Collision Handling' is set to 'Overwrite', so I'm not sure why there is an error. But more to the point, I'm not sure why this task is being created daily, nor where to disable it or if it's even needed as it always fails and seems to have no impact on functionality. Any info is appreciated. Link to comment Share on other sites More sharing options...
Mitchell 13 Posted May 10, 2022 Share Posted May 10, 2022 The task is used to synchronize users from AD, mainly to show some additional info about the user triggering a detection, specifically the following fields when viewing a detection in INSPECT: (the fields in AD are empty in my case, so that's why the values are 'unkown') A possible work-around is to delete all 'computer users' from ESET PROTECT (if you are not using this functionality) after that sync task should work again, but I have seen the issue come back. If you don't care about the above information in the detection events, I would ignore the failing of the task, as it is not critical functionality. j-gray 1 Link to comment Share on other sites More sharing options...
j-gray 35 Posted May 10, 2022 Author Share Posted May 10, 2022 Thanks for the reply. We do use the user functionality, so I'm hesitant to delete them all. In the Task settings, the setting for 'User Creation Collision Handling' is set to 'Overwrite', so you would not expect an error for any collisions. I'm not sure why this is happening. I'm guessing it has to do with permissions, because if I set Collision Handling to 'Skip', it does not cause an error and the job runs successfully. Secondly, it would be great if the user(s) causing the collision was logged somewhere. That would make for a easy/quick fix to remove the offending user and run the task again. Is there any way to find the offending user(s)? Link to comment Share on other sites More sharing options...
Mitchell 13 Posted May 11, 2022 Share Posted May 11, 2022 I'm not sure, maybe you can find it if you enable trace level logging and check the ESET PROTECT trace logs after a failed run. I do know that this behavior is identified as bug that will be fixed in a future version. Link to comment Share on other sites More sharing options...
Recommended Posts