Hello,
we are migrating a lot of customers from UTM to XGS/SFOS. With UTM the customers used AD SSO for authentication for web protection (different AD-groups and webfilter profiles). With UTM we never had any issue with AD SSO! Now with SFOS we ALWAYS have different issues to get AD SSO working. Sometimes it works for some users, sometimes we see all the live users with AD-SSO, sometimes for some users it is not working or after a while it suddenly stops working for everybody...
We are also up2date with SFOS 20.
It is completely unsatisfied for us and we have to use a lot of time for trouble shooting and sophos support. And support always collect logs for weeks and did not find a really solution. Than it is working some days but after a while new issues...This feature seems not to work in the way we would expect it or like it was with UTM and it becomes a little bit of a migration showstopper...
Anybody here really use AD SSO with SFOS for user authentication for web filtering without any problems/issues?
We know there is also STAS for authentication that may work in a better way but our customers used AD SSO before with UTM without any problems. So no changes on customer side except the new sophos firewall. For STAS also the customer would need an additional Windows Server Licence (because it is not recommended to use STAS on DCs...) and maybe sometimes this part of software have to be updated or becomes EOL (like SATC)...
regards
Edited TAGs
[edited by: Erick Jan at 1:26 AM (GMT -7) on 15 Apr 2024]
