Watchguard SSO

AbertayAbertay
in Firebox - Authentication

Hi,

Does anyone know if there is a command you can run to force the SSO client on windows to re-auth? We have an issue when device come out of sleep they often take a minute or two before SSO starts working again and it annoys our users somewhat.

thanks

--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.10.4

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Abertay

    There isn't a command that will do this, per se.

    SSO relies on windows event logs to determine what state of logged in the user is. If the client has the SSO Client installed and that is the primary method of authentication in the SSO Authentication Gateway, this will usually be the fastest at picking up changes.

    If you're also using event log monitor, or using that as a backup, that might actually be what is picking the change up when network access to something else in the Windows domain occurs.

    I'd suggest creating a support case so that we can take a look at your SSO logs, and see why this is taking so long for the user to authenticate.

    Failing that:
    -Attempting to access some network resource that requires authentication (like a file share) as soon as the user is connected may get SSO to notice a login more quickly.
    -If the user is on WiFi, it may be advantageous to use RADIUS SSO (provided your APs support RADIUS accounting messages.) This would generally require the use of WPA2/3 professional over using a pre-shared key to access the network. If you are already using this it might provide a faster way to get the authentication data.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.