Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 2890 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to troubleshoot Synchronized User ID Issues

seroal

Hi,

we want to use SynchronizedUser ID Auth, but we are stuck, the users are not being created on the Firewall. Is there an advice for troubleshooting? How to proceed? How can I get an idea, where the root cause could be?

I already read through this:

 Sophos Firewall: Heartbeat stops showing any endpoint clients on GUI 

Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    Do you have Logviewer entries for Authentication? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    We have some entries, but many are missing... 

  • 0 in reply to seroal

    Are there failed logins, if so, could you share the entries? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Currently, there are not failed logins. What I figured out is, that the customer has different Names for samaccountname and UPN. So when samaccountname for example ist test, the upn could be like j.anders@localdomain.de. Could this be an issue in some cases? I mean, there are users with that scheme, at least shown as logged in on that firewall. But what about users not showing up at all. In this case, we have a server with serverprotection and the user is logging in to that machine. But the user won´t show up as live user. Where can we start now? Supportcase is already created.

  • 0 in reply to LuCar Toni

    Here:  Synchronized User ID and username with domain name not working 

    You wrote: "Endpoint should send the FQDN (domain.toplevel) + user name."

    If this is still the case, where can I see, what the endpoint is sending? Is that shown in the endpoint logs? If yes, I would say the endpoints sends this:

    2024-05-30T12:29:17.685Z [ 8904: 7348] A Session logon for: CUSTOMERDOMAIN\username
    2024-05-30T12:32:04.299Z [ 8904: 7348] A Session logoff for: CUSTOMERDOMAIN\username

Reply Children
Unfiltered HTML