SSO Agent Server RODC

Pippo
Pippo Posts: 13  Freshman Member
First Comment Friend Collector Third Anniversary
Hi :) , does the SSO agent work if installed on a server with RODC role?

Best Answers

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Answer ✓
    Hi @Pippo,
    When user login domain, it will generate security events (ID:4768) on domain controllers and SSO Agent get local domain controller security events log directly. 
    It works on RODC as long as RODC have windows user login event 4768 and be able to get the groups information of users via LDAP.

  • Pippo
    Pippo Posts: 13  Freshman Member
    First Comment Friend Collector Third Anniversary
    Answer ✓
    @Zyxel_Cooldia :) so you confirm me that the agent in the rodc domain environment can work? 

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    Answer ✓
    Hi @Pippo,
    When user login domain, it will generate security events (ID:4768) on domain controllers and SSO Agent get local domain controller security events log directly. 
    It works on RODC as long as RODC have windows user login event 4768 and be able to get the groups information of users via LDAP.

  • Pippo
    Pippo Posts: 13  Freshman Member
    First Comment Friend Collector Third Anniversary
    Answer ✓
    @Zyxel_Cooldia :) so you confirm me that the agent in the rodc domain environment can work? 
  • jasailafan
    jasailafan Posts: 193  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    It’s highly related to Windows AD setting. 
    Written permission for SSO agent is not required, as long as SSO agent can get security event and groups information of users.

Security Highlight