Windows server 2012 domain controller.
I installed the 9.5 update on June 2, did not see any issues with this for the client, updated to 9.501-5 on June 12 midnight, and Internet access is failing on multiple sites.
Can get to Google.ca
Cannot get to canada411.com - Too many http redirects message.
Turned off web filtering and the websites were available - but the client requires filtering.
Re-enabled and turned off AD SSO authentication and websites are available again with correct content being blocked.
Attempted to remove from and rejoin domain, but domain join failed.
Currently, I have the client functioning, but, I need to rejoin AD and resume SSO authentication.
Did you see this ?
Which browser did you use? Try Firefox.
Tried Chrome and IE before dropping from the domain, but, since I cannot re-join the domain, I am unable to test the Firefox.
The client requires custom security settings in IE, so Firefox is not a viable option.
As suggested here: Sophos Forum
Remove the utm from the Domain, delete the computerobject in the AD, force and wait for DCs to sync, rejoin the domain.
This worked fine for me. AD SSO works again in Proxy Standardmode.
After removing the UTM from the domain i restarted all Sophos UTM Cluster Nodes.
I don´t know if thats necessary, but maybe you could try that if it still doesn´t work.
I hope the AD SSO still works after another restart of the UTM.
I am glad it works now so i did not try it....
This Problem is not exclusive to 9.5.
We are on 9.414-2
Did the same as Benedikt and it works again. Remove the computerobject from AD, synced the DCs (repadmin /syncall) and then I rejoined the AD in the "Single Sign-On" Tab.