There are several scenarios where this can happen.
Scenario 1:
The IP address of the client computer is on the LDAP Authentication Approved list. No user identification will be done for IP addresses on this list. (It can be accessed from the web console under Administration > IWSVA Configuration > User Identification > Authentication Approved list.)
Scenario 2:
The IP address of the client computer is on the Approved Server IP List. No user identification will be done for IP addresses on this list. (It can be accessed from the web console under HTTP > Configuration > Access Control Settings > Approved Server IP List.)
Scenario 3:
The accessed URLs are HTTPS websites and IWSVA is not able to get the user from the traffic because it is encrypted. This happens in the following circumstances.
Scenario 1:
The IP address of the client computer is on the LDAP Authentication Approved list. No user identification will be done for IP addresses on this list. (It can be accessed from the web console under Administration > IWSVA Configuration > User Identification > Authentication Approved list.)
Scenario 2:
The IP address of the client computer is on the Approved Server IP List. No user identification will be done for IP addresses on this list. (It can be accessed from the web console under HTTP > Configuration > Access Control Settings > Approved Server IP List.)
Scenario 3:
The accessed URLs are HTTPS websites and IWSVA is not able to get the user from the traffic because it is encrypted. This happens in the following circumstances.
- HTTPS encryption is enabled, but not applied to the category to which the URL belongs. Decryption needs to be enabled for each category individually on each HTTPS decryption policy in order for IWSVA to decrypt HTTPS traffic.
- The URL is on the list of global trusted URLs. (This list can be accessed from the web console under HTTP > URL Access Control > Global Trusted URLs.)
Scenario 4:
The traffic is not coming from a browser but from some application, for example a Webex client. By default IWSVA does not authenticate non-browser traffic, therefore the user cannot be identified. (To change the behaviour, refer to this article.)
The traffic is not coming from a browser but from some application, for example a Webex client. By default IWSVA does not authenticate non-browser traffic, therefore the user cannot be identified. (To change the behaviour, refer to this article.)