Hot!Domain Users Authentication issue

Author
osama.mansoor
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/10/19 22:04:49
  • Status: offline
2020/10/19 22:16:17 (permalink)
0

Domain Users Authentication issue

Hi Experts,
 
I have recently deployed Fortigate Firewall 60e on my premises although all rules and web filter seems to be working fine we are having an issue with the user who authenticates with Microsoft Active Directory Domain controller below is our environment.
 
We have a single forest and single domain with multiple dites based domain controller and user authenticate through domain controller to access resources.
 
Our laptop user are facing an issue that they do not shutdown/sign out system daily they just hibernate systems and in next morning open lid of the laptop and provide a password and start working but their internet is not working and they call IT to support so every time we have to ask them to sign out system sign again to authenticate for internetworking.
 
We did some google and make changes in "Fortinet Single Sign-on Agent Configuration" but still facing this issue.
 
Below are our current settings.
 
 
 
 

Attached Image(s)

#1
boneyard
Gold Member
  • Total Posts : 364
  • Scores: 16
  • Reward points: 0
  • Joined: 2014/07/30 11:15:18
  • Status: offline
Re: Domain Users Authentication issue 2020/10/20 06:00:38 (permalink)
0
you can tinker with some timeouts, but there always will be limits on this. which makes sense because you can't assume that combination user / IP is the same forever. if you have a way to make sure it is then you don't need FSSO firewall rules.
 
but wouldnt it be easier to just announce through the office that hibernate won't work anymore and you need to shutdown / startup to get internet access.
#2
osama.mansoor
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/10/19 22:04:49
  • Status: offline
Re: Domain Users Authentication issue 2020/10/20 06:26:38 (permalink)
0
So what is the technical solution?
#3
boneyard
Gold Member
  • Total Posts : 364
  • Scores: 16
  • Reward points: 0
  • Joined: 2014/07/30 11:15:18
  • Status: offline
Re: Domain Users Authentication issue 2020/10/20 07:09:33 (permalink)
0
Dead entry timeout interval (minutes)
 
Disable dead entry timeout by settings it to 0.
When it is disabled , the user will stay with 'logged in' status forever.
 
https://kb.fortinet.com/kb/documentLink.do?externalID=FD31876
 
 
#4
Jump to:
© 2020 APG vNext Commercial Version 5.5