Sonicwall NSA 3500 - Occasional Users end up in “Default” CFS group

At our school we have 3 separate filtering lists. Pupils, Staff and Default. The CFS group they end up in should be defined by their AD security group (So if they are staff, they get the less restricted Staff list).

On occasions a member of staff seems to end up getting the very restricted ‘Default’ group. Logging off/on does not help.

What might be causing this problem?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Syed_M_UsmanSystem AdministratorCommented:
check your NSA-3500 firmware, you can also verify your doamin computers.
in my experience if you use Win xp computer with win 2008 DC on network sometimes this problem occurs.... may i know what OS you are facing this problem?

also please recheck your settings;;;

i would like to know below;

Your DC OS
How many subnets you have?
Problemetic desktop's OS
do you use any CA?
stalbansschoolAuthor Commented:
We are using Windows 7 on all of our clients

We have 3 x Server 2008 R2 DC's

Firmware version is:  SonicOS Enhanced

I am not sure what 'CA' is an abbreviation for?
stalbansschoolAuthor Commented:
It looks like we can certainly start by looking at updating the firmware (I have just downloaded an updated version

I have not done this before, how long is the device likley to be offline for?
Virus Depot: Cyber Crime Becomes Big Business

The rising threat of malware-as-a-service is not one to be overlooked. Malware-as-a-service is growing and easily purchased from a full-service cyber-criminal store in a “Virus Depot” fashion. View our webinar recording to learn how to best defend against these attacks!

Syed_M_UsmanSystem AdministratorCommented:
180 Seconds only....

latest should be...SonicOS Enhanced
stalbansschoolAuthor Commented:
Is this likley to cause the problem?
Syed_M_UsmanSystem AdministratorCommented:
Actually NO, but its better to have latest firmware. This may resolve this issue.
Above mention issue could be trust issue, and this type of behaviour is unexpected. plz try to make sure you have configured the Custom CFS as per the above mention link.
stalbansschoolAuthor Commented:
Ok, I will read through the link that you posted.  However, we use SSO and I notice that the guide you posted is for when you dont use SSO
stalbansschoolAuthor Commented:
I have noticed that in Users >> Settings

The Authentication Method we are using is "RADIUS + Local USers"

and as mentioned above, we are using the Single Sign-on mehtod "SonicWALL SSO Agent"

Everything else seems to be setup correctly
Syed_M_UsmanSystem AdministratorCommented:
That could be a issue,,, try as per the guide line...

one more thing dont change anything in live network, the setup recomended only after workinh hours  +   take your setting backup and save on your laptop/desktop... so you can go back....

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
stalbansschoolAuthor Commented:
Why wouldnt we want to use RADIUS?
stalbansschoolAuthor Commented:
excellent comment, expert was exactly correct, this was caused by me not having LDAP + Local selected
Syed_M_UsmanSystem AdministratorCommented:
Thank you for nice Comments :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.