Reason I ask is that the documentation for it is unavailable, unless I've missed something, however, based on some other threads I perceive there to be the possibility of using STAS created objects within firewall rules. Initially my assumption for STAS would be that it would strictly be used for the Web Protection module only.
On behalf of the crowd here, I'd like to ask for some documentation on how STAS is to be configured, and where it can be used through out the UTM.
It was more to do with how to configure the Web Protection module to use STAS discovered users.
For example, my finding have deduced that the Web Filter profiles, the Authentication Type must be set as AGENT.
In all my dealings previously this has either been Standard Mode AD-SSO or Transparent Mode AD-SSO.
As such with STAS, using AGENT in the Web Protection profiles was the one piece of information missing from the documentation I've seen to date.
And using AGENT is marvellous.
I'll still join the UTM to AD, but my web profiles use agent now.
Works very well.
When in doubt, Script it out.