Welcome to the Sophos User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

LinkBack Thread Tools Display Modes
Junior Member
Join Date: Dec 2012
Posts: 26
#1 (permalink)  
Old 09-25-2015, 01:02 AM
Default Web Access AD reauthentication


i need some advise on my issue on my UTM. i have configured for a long time already AD Standard SSO. what my users is experiencing recently is they have been ask to reauthenticate and unable to authenticate so i reset the UTM and most users can authenticate. There has been no changes to AD server itself. CPU usage of the UTM is normal below 50%. my next move is to rejoin domain the UTM and resync all AD groups and users to fix the issue.

Any idea why this issue is happening? any idea how to fix and prevent users from reauthentication? thanks for the advise
Reply With Quote
SOPHOS Employee
Join Date: Jan 2013
Posts: 990
#2 (permalink)  
Old 09-25-2015, 02:29 PM

In a normal setup, Standard mode AD SSO should succeed with no prompting the user (hence Single Sign On). If the browser does a pop-up for credentials (which can be the case, if the local user is not a member of the domain the UTM is a member of) the browser should remember the credentials from before and reuse them.

I think there is something wrong with your setup. What it is, I don't know.
Reply With Quote
BAlfson's Avatar
Grandis Professorem Astaro
Join Date: Mar 2007
Location: Oklahoma City
Posts: 21,496
#3 (permalink)  
Old 09-25-2015, 07:34 PM

Rejoining the domain might fix this. Also, make certain that you're using Kerberos instead of NTLM as suggested in HTTP-S Proxy Access with AD-SSO.

Also, you might want to consider #6 in Rulz.

I don't think re-syncing will make any difference.

Cheers - Bob
ACE V7 - Astaro Preferred Partner since V3
SCA/UTM - Sophos Gold Solution Partner
Addicted to my iPhone!
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT. The time now is 08:01 PM.

Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.

These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.