Hi All,
I'm currently using CAA to authenticate users to the firewall so that user group-specific rules can be applied. However, it has some issues, especially when a PC is used by more than one user - it installs in the first user's profile folder and doesn't work properly for subsequent users. It's also inconvenient having separate logins for the PC / Windows and then to get to the internet.
It's a small network and there's no AD or other server locally; users log in to Windows using MIcrosoft accounts (user@outlook.com).
Does anyone know of a way to use the Microsoft accounts to authenticate to Sophos FW? Either directly or some kind of workaround.
I presume that Microsoft account login is probably Azure AD behind the scenes, but I've not found a way to access the AD server directly in order to have the firewall authenticate users against it.
I don't mind if a solution needs me to set up a local service such as LDAP, but it needs to be zero-admin - that is, if a user changes their MS account password, I don't want to have to update the local directory manually.
Any ideas very much appreciated!
Thanks,
Jeff
This thread was automatically locked due to age.