![]() ![]() This article assumes you’re a group policy novice and doesn’t necessarily indicate best practice in your AD or Watchguard environment. Getting SSO working in your Active Directory environment This will throw an “invalid SSL error” to your clients unless you correctly install a trusted SSL cert in your device. In all cases the Watchguard will eventually failback to forms based authentication if none of the above methods work. So if for some reason the SSO service stops the user isn’t completely cut off. The Watchguard will look for the SSO client before falling back to the event log method. This installs on a server in your infrastructure and will attempt to open the event viewer of any machine that uses the proxy to see what AD controller they authenticated against and is usually pretty reliable after you push out some firewall exclusions.ģ.) Watchguard XTM Authentication Gateway with SSO Agent. This isn’t really a solution for end users, but fantastic for servers and appliances that need access to WAN resources.Ģ.) Watchguard XTM Authentication Gateway without SSO Agent. This has the habit of breaking things like Outlook and Lync as the Proxy presents an SSL certificate that’s not expected. Forcing users to attempt connect to the web, get redirected and authenticate on the proxy web page and then resume their activities. You can apply polices based on groups, however the Watchguard needs to know who is who. Say for example the HR deptartment needs access to a job listing site like but no other staff require access. ![]() Watchguard routers have a fantastic set of tools for reporting and controlling user access, dataloss prevention, IPS and Malware protection but applying these rules to groups of users can be a very intrusive process. ![]() ![]() This is the first part in our guide in getting Watchguard Single Sign on working in your active-directory environment.Ī quick introduction here might be needed. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |