Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 30 replies
  • Subscribers 29 subscribers
  • Views 10545 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG detect wrong user group

The Do

Hi everyone,

I'm using SFOS 17.5.7 MR7. I having an issue about user group.
I have Active directory server as a authentication server. I have some group for user where i can apply policy for each. 
This was running fine. But recently I notice some users are associated to wrong group.
For example I'm an IT, I supposed to be in IT group, but Sophos XG put me in Staff group, which is a default group I set in Authentication server list. 
And the most weirdest thing is that although XG put me in Staff group, it applies the IT policy for me. In IT policy, I only put IT group in Identity. 

I checked all the configuration following the KB https://community.sophos.com/kb/en-us/123158 and https://community.sophos.com/kb/en-us/123161 and I'm quite sure I did right.

But I have no idea what's wrong with my XG. Could you please advice?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to guillaume bottollier

    Hi  

    Sorry for the inconvenience caused! The case is being handled by Global Escalation Team and they are working on the case with priority.

    I will look into it and ask them to inform you at earliest with further progress over the case.

  • 0 in reply to guillaume bottollier

    I just want to ask here first for avoiding create too many case about same issue, that would make the support team more pressure. As  has created a case so we may refer to that. 
    : please kindly keep us posted. If you have any solution from the support team, pls share with me. Cheers.
    Btw, I just realized one more thing. I tried deleting my username in XG, then login again via web authen and STAS. I login with web authen on my Phone first, and magically XG put me in the right group, which is IT. Then I login to my PC joined domain to authen via STAS and it put me again in Default group. I thought it would be an issue on STAS agent then I tried reinstalled it but it didn't help. 

  • 0 in reply to The Do

    Of course i will keep you updated... as soon as support will come back to me.

    it's defintly not a STAS issue, as i don't use it on this case.

  • 0 in reply to guillaume bottollier

    Please open up a Case and maybe cross reference.

    But it is important to actually open a Case for each issue.

    Just to get the priority right: For example, there is a general issue, but just one customer report this issue. For the vendor, it looks like, this issue is just with one installation and "unique". Instead its a general issue and the vendor has to look into this issue with priority. 

     

    Another point is: STAS and other mechanism in XG should use the same kind of authentication.

    Do you have different DCs? 

  • 0 in reply to LuCar Toni

    Hi,

    yes multiple AD's, and problem concern one group in one AD with no difference than the others.

     i agree with  please open a case and put mine in reference, maybye this will make things go forward a little bit faster...