Avatar of normancb
Flag for Philippines asked on

Sonicwall Services - Domain password change

Dear Sonicwall Expert,

Our company is using Sonicwall NSA3500 UTM. more services are running on it. VPN, Global VPN, Intrusion prevention, App Control, CFS and so on. There are few VPN connection are configured and running well. There are few customised CFS configured and user group configured imported from LDAP server. DMZ is configured also for Spam filter for exchange 2010.

Now, our new System Administrator wants to change the administrator password of our Domain. I know that there are things to be consider before changing the Domain password. Specially we have several servers running in our environment. And frankly, I am new to sonicwall firewalls. I didn't touch much of the settings since it was configured fine by ex IT Admin.

My concern is, when domain administrator password is change, does it affect the firewall services? What services will be affected? And which part from the sonicwall UI should I go and make a changes?
SBSHardware Firewalls

Avatar of undefined
Last Comment

8/22/2022 - Mon
Sinan Barghouthi

Hello Norman,

It seems that you have SSO(sing sign-on) configured on the SonicWall. If that is the case there will be Active Directory administrator login credentials configured on the Sonic Wall so that it will be able to correlate IP's with the Domain Users from the agent. There will also be a SonicWall agent on your active directory. The password will have to be changed otherwise the Sonicwall will fail to lookup the Domain Users from your AD.

Once that happens all application control policies and policies related to your i.e <domain>\domain users will also not work/

As for the VPNs they only have Phase 1 and Phase 2 preshared keys that has nothing to do with your domains passwords.

Your Spam filter is configured by having a NAT and directing all SMTP to your Mail Gateway or by having an Anti-Spam policy configured so that will also not be affected.

As long as you change the password for SSO on the sonic wall/agent and ensure that you have connectivity to your AD server you should be okay. (You can verify connectivity from the Sonicwall Web GUI as well).

Best Regards
Sinan Barghouthi
Network Security Engineer

thank you Sinocide for the quick response, but forgive me, I don't have idea where I can find that SSO to change?

Hi sinocide, i've checked on the sonicwall and we're not using SSO. what i saw on the settings is "Authentication method for login: LDAP + Local Users".
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Sinan Barghouthi

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Sinan Barghouthi

Also just to be sure, you will also have to login to your LDAP server and check if you have a SonicWall agent running. Kindly go to the start menu-->run and type in Services.msc then locate the Sonic Wall Agent service. Double click on it  and go to the "Log On" tab.

 If the "Local System Account" Button is selected than just ensure that the service is started and running.

If the "This Account" is selected enter your new Administrator password there.

Best Regards

Thank you so much for the help. Now I know where to go when password changed. Once again, thank you SiNoCide! Thanks to experts exchange. More Power!