Sonicwall content filter, users keep getting default policy

 We are using a Dell Sonicwall NSA 4600 on Firmware  SonicOS Enhanced, we use the content filtering module on it to restrict users website access , using SSO and LDAP to AD.
 Through out the day users will randomly lose their internet policy and get the default policy blocking majority of websites. I have found by locking and unlocking the PC it restablishes the policy and they can continue in the majority of scenarios to browse the internet again.

 I have disabled AV (SEP) and it still happens, all users are on Windows 7.

Any help would be appreciated!

Who is Participating?
advicepleaseConnect With a Mentor Author Commented:
Hi All
 Several issues here that i have now resolved and all working.

If the Domain User Profile has been copied from another Domain user when originally created , Sonicwall policies don't like the profile deleted the profile and changed the name slighly, no further issues

for the majority of the other users the fix was :

- make probe to WMI first on the SonicWALL and also on SSO agent.

- To Make WMI probing first goto Firewall users -> Settings -> sso agent -> configure -> users tab -> Probe users for select WMI and hit apply/ok.

so needs changing on both SSO agent (might be a dedicated server or on your DC's) and the actual Sonicwall

in some cases it can be firewall on the endpoints, you need to make sure TCP/UDP 1726,135,445 and 139 on windows firewall and Client AV on all machines aren't blocked
Have you checked the power management settings on the network cards?

Another way you could try doing the policies is by MAC address and IP. However, this also assumes that users are not sharing machines...
advicepleaseAuthor Commented:
No its not power management settings as the users are using other applications at the time

MAC address /IP is not an option due to the size of the estate

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Do multiple users share machines? SSO doesn't work well with switching users. You'd have to make sure each user signs off, and the new user signs in.

You may also want to look at excluding service accounts, as even Sonicwall has admitted it's caused issues for them:
advicepleaseAuthor Commented:
the users effected aren't using multiple machines. all have HP laptops

is random but happens to a lot of people throughout the day,everyday

if these users lock their machines and unlock using their domain credentials again , it works

very frustrating!
Just noticed your last post. However, I'd suggest that you check to see if there is a communication issue between SSO agent and the server. That seems to be the most likely cause.

However, at this rate, if you still have the support, I'd contact the support engineers at Sonicwall.
advicepleaseAuthor Commented:
found out for myself........
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.