12-22-2021 03:50 AM
Hello Bros'
few months ago I had an issue with the GlobalProtect and employees working from home and that was.
all employees log-in to vpn globalprotect via their domain account mydomain\myusername.
we had issues regarding the sso in the portal configuration were enabled which lead the employees trying to connect to use sso "windows account" wich led to login using myusername only, and this won't get them connected.
for this we have disabled the windows single sign on, and everything went fine since so.
But now from time to another I met with employee which I am troubleshooting his issue that it still trying to connect to myusername only, and eventhough we have disabled sso, and worked fine.
what is the config part that still but fewer occurence that make employees globalprotect to failover on windows account but not the account configured within the GP login fqdn.?
setting changed:
Use Single Sign-on (Windows) No
Use Single Sign-on for Smart card PIN (Windows) No
Clear Single Sign-On Credentials on Logout (Windows Only) Yes
TIA
01-13-2022 02:08 AM
See the article below and make an authentication sequence where the local database is first?
01-13-2022 02:50 AM
Hello Nikolay,
Thank you for your replay.
The authentication sequence doesn't include the local DB, but I have noticed it's happening very few occurrence with people who were days "a week or more" have not been connected at all to the gateway.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
