SSO Agent Server RODC

Options
Pippo
Pippo Posts: 13
First Anniversary Friend Collector First Comment
Hi :) , does the SSO agent work if installed on a server with RODC role?

Best Answers

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,483  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi @Pippo,
    When user login domain, it will generate security events (ID:4768) on domain controllers and SSO Agent get local domain controller security events log directly. 
    It works on RODC as long as RODC have windows user login event 4768 and be able to get the groups information of users via LDAP.

    Want a FREE Access Point? Participate in our campaign and share your network setup for a chance to win! https://bit.ly/3z9MJPB

  • Pippo
    Pippo Posts: 13
    First Anniversary Friend Collector First Comment
    Answer ✓
    Options
    @Zyxel_Cooldia :) so you confirm me that the agent in the rodc domain environment can work? 

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,483  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi @Pippo,
    When user login domain, it will generate security events (ID:4768) on domain controllers and SSO Agent get local domain controller security events log directly. 
    It works on RODC as long as RODC have windows user login event 4768 and be able to get the groups information of users via LDAP.

    Want a FREE Access Point? Participate in our campaign and share your network setup for a chance to win! https://bit.ly/3z9MJPB

  • Pippo
    Pippo Posts: 13
    First Anniversary Friend Collector First Comment
    Answer ✓
    Options
    @Zyxel_Cooldia :) so you confirm me that the agent in the rodc domain environment can work? 
  • jasailafan
    jasailafan Posts: 193  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    It’s highly related to Windows AD setting. 
    Written permission for SSO agent is not required, as long as SSO agent can get security event and groups information of users.

Security Highlight