C_Parlato
asked on
Sonicwall NSA240 SSO not working.
I'm working to implement some content filtering across my network. There are three sites connected via MPLS. Never had any really networking issues.
However... When trying to implement these new firewall rules in one site. I'm having an issue with the SSO agent properly identifying the logged in user. The error I'm getting is:
error:[11]Access is denied. Please check system is up, it is a windows machine, login privileges and windows firewall is turned OFF.
I've verified that all these settings are working. I'm wondering if there is something I'm missing.
However... When trying to implement these new firewall rules in one site. I'm having an issue with the SSO agent properly identifying the logged in user. The error I'm getting is:
error:[11]Access is denied. Please check system is up, it is a windows machine, login privileges and windows firewall is turned OFF.
I've verified that all these settings are working. I'm wondering if there is something I'm missing.
Check gateway of the remote computer....
ASKER
Gateway is configured through the DC, which is also host for the SSO agent
Host Gateway should ba SNA ip address, plz look below KB
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7782
http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7782
If I remember correctly the SSO should be installed on the domain member server not of the DC. Please verify this.
I have installed SSO many times and I never had any problems with it.
I have installed SSO many times and I never had any problems with it.
ASKER
Konsultant: I tested the SSO agent on both the DC and on a Member Server. I still have the issue both ways.
Syed_M_Usman: I followed those steps to install originally. LDAP works perfectly, and in 2 sites the same configuration works flawelessly.
In one site, there is something going on where the WMI call to the machine is being rejected. If you spam the test option for SSO, the agent will eventually authenticate the user. This is very frustrating, and I'm not sure what it could possibly be.
Syed_M_Usman: I followed those steps to install originally. LDAP works perfectly, and in 2 sites the same configuration works flawelessly.
In one site, there is something going on where the WMI call to the machine is being rejected. If you spam the test option for SSO, the agent will eventually authenticate the user. This is very frustrating, and I'm not sure what it could possibly be.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.