Monitor the Passive Identity Agent

The passive identity agent indicates whether or not it can communicate with the Cisco Security Cloud Control and other agents if it's configured as primary-secondary. You can view the status at Integration > Other Integrations > Identity Sources.

Deployments

A standalone passive identity agent is represented as follows.

A primary-secondary pair is represented as follows.

The following table explains the meaning of the indicators.


Object	Meaning
	Cloud-Delivered Firewall Management Center
	Standalone Passive Identity Agent
	Active Directory domain controller
	Primary agent
	Secondary agent

Status indicators and colors

The passive identity agent indicates status using lines (that indicate whether communication with the Cloud-Delivered Firewall Management Center is active or standby) and colors (that indicate whether or not communication is successful).

The following table shows the meanings of lines and colors:


Object	Meaning
Solid line	The agent that is responsible for communicating with the Cloud-Delivered Firewall Management Center.
Dashed line	Primary/secondary configuration only. The agent that is acting as the backup agent. In the event of a communication failure between the active (solid line) agent, this agent communicates with the Cloud-Delivered Firewall Management Center.
Green	Agent communication is normal.
Amber	Agent has never successfully communicated with the Cloud-Delivered Firewall Management Center. A newly created agent line is amber and remains so until configuration is complete.
Red	Communication is failing. To resolve the issues: Check sure the network connections between agents and the Cloud-Delivered Firewall Management Center. Make sure you have completed configuring the system (Microsoft AD server, domain controllers, and the Cloud-Delivered Firewall Management Center). For more information, see How to Create a Passive Identity Agent Identity Source.