SSO

RaphaelOIiveria
RaphaelOIiveria Posts: 35  Freshman Member
First Anniversary Friend Collector First Answer First Comment
edited April 2021 in Security
Hi.
I am configuring the SSO, I used this article to configure SSO: https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=014878&lang=EN
I did all configuration, but when I enable Web Authentication the users not access internet and the SSO Logon User List not list any user.
My SSO Agente is install on windows server 2012 but my domain controll is 2016.

The SSO is compatiblish with domain controllers 2016?
«1

All Replies

  • RaphaelOIiveria
    RaphaelOIiveria Posts: 35  Freshman Member
    First Anniversary Friend Collector First Answer First Comment
    edited February 2019


  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @RaphaelOliveira

    The 2016 AD server is not fully supported by Zywall, can you install Domain control on 2012 server and test it again.

    Charlie
  • RaphaelOIiveria
    RaphaelOIiveria Posts: 35  Freshman Member
    First Anniversary Friend Collector First Answer First Comment
    Hi.
    I was view the logs and this information is shown in log of agent:

    [2019/02/27 09:36:44 AM] [Operation] [INFO] Processing 172.16.20.3, not push it to handle events queue.
    [2019/02/27 09:36:44 AM] [Operation] [TRACE] Accepted connection from {172.16.100.30}:{44374}.
    [2019/02/27 09:36:44 AM] [Operation] [INFO] status: True and package.Status 64 
    [2019/02/27 09:36:44 AM] [Operation] [INFO] Processing 172.16.20.3, not push it to handle events queue.
    [2019/02/27 09:36:44 AM] [Operation] [TRACE] Accepted connection from {172.16.100.30}:{44375}.
    [2019/02/27 09:36:44 AM] [Operation] [INFO] status: True and package.Status 64 
    [2019/02/27 09:36:44 AM] [Operation] [INFO] Processing 172.16.20.3, not push it to handle events queue.
    [2019/02/27 09:36:44 AM] [Client] [WARN] Failed to query client: 172.16.20.3, Error code = 103.
    [2019/02/27 09:36:44 AM] [Gateway] [INFO] Succeed in connecting to Gateway(172.16.100.30).
    [2019/02/27 09:36:44 AM] [Gateway] [INFO] Succeed in sending information of (172.16.20.3) to Gateway(172.16.100.30).
    [2019/02/27 09:36:44 AM] [Operation] [INFO] Process 172.16.20.3 finish, remove it in dictionary
    [2019/02/27 09:37:24 AM] [Operation] [TRACE] Accepted connection from {172.16.100.30}:{44376}.
    [2019/02/27 09:37:24 AM] [Operation] [INFO] status: True and package.Status 16 



  • sk8erbender
    sk8erbender Posts: 74  Ally Member
    First Anniversary Friend Collector First Comment
    I have almost same codes error 103 and remove it in dictionary . ( ad server 2012 r2)
  • RaphaelOIiveria
    RaphaelOIiveria Posts: 35  Freshman Member
    First Anniversary Friend Collector First Answer First Comment
    I was reading a documentation about firmware update. Look this:

    Single Sign On 1. [SPR: 171002024] [Symptom] SSO Agent on workstation and AD use windows 2016 server cannot work
    SSO Agent version 1.0.6 cannot work as below: AD windows 2016 server, Windows 7 x64, Windows 8.1 x64, Windows 10 x64

    This documentation is about version V4.33(AAPH.0)
  • hedezsystem
    hedezsystem Posts: 4  Freshman Member
    First Anniversary Friend Collector First Comment

    How can we do in the case where the network is mounted on a Windows Server 2016 or Windows servers 2019 domain? At some point will the SSO agent be updated to be compatible? Or should I simply unincorporate the Zyxel USG 110 that I bought a week ago? What can I do to solve the problem since it is impossible for me to degrade the network to 2012 taking into account that there are 60 users.


    Regards...

  • RaphaelOIiveria
    RaphaelOIiveria Posts: 35  Freshman Member
    First Anniversary Friend Collector First Answer First Comment

    Hi guys.

    In the last week I got it deployment the SSO in a customer that have the domain controller with windows server 2016 and with functional level windows server 2016 too.

    I instlled de SSO agent in a windows 10 Pro, before I tried install in a windows server 2012 R2, but a dont had success.

    I thinked that requeriment was about domain controller, but the requariment is about SSO agent, so in this case we can install a VM with windows 10 Pro for example and instala de SSO agent in this machine.

    The customer have a USG 110 and I used the SSO agent version 1.0.6


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @hedezsystem

    It’s in product’s roadmap, we will support in the future. 

    Before the SSO is fully supported on windows 2016/2019, you can use Web Authentication instead.


    Hi @RaphaelOliveira Thanks for the information sharing :)

    However, we can’t guarantee all the functionalities on windows server 2016 server at this moment since it’s not supported/tested yet.

  • RaphaelOIiveria
    RaphaelOIiveria Posts: 35  Freshman Member
    First Anniversary Friend Collector First Answer First Comment

    Hi @Zyxel_Cooldia

    Is very important the SSO here on Brazil, all customers question about SSO to be support with windows server 2016 and 2019.

    I think that the Zyxel should prioritize this case.

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @RaphaelOliveira

    Thanks for the feedback, we actually had prioritized this task and it’s a confirmed plan. 

Security Highlight