Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 1474 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD User Sync in XG

gr33ny

Hello

I am trialling an XGS VM running SFOS v18.5.3 MR3.

I have setup AD Sync for users and groups.  We will specifically be using AD groups to control web filtering.

Must all users first navigate to the user portal before the XG will place them in the appropriate group, or is the sync automated?

I have read the documentation regarding AD Group sync and am a little confused on that front.  It says that the users won't be displayed in the web admin interface but will be sync'd to a backend DB.

Many thanks



This thread was automatically locked due to age.
  • 0

    In order for user to pop under the authentication > user list || Then the user must be authenticated once  by any means of authentication, either captive portal/user portal..etc.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Vivek Jagad

    Like Vivek Jagad stated ... user have to authenticate first.
    There is no "preload" mechanism implemented.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • +1 in reply to dirkkotte

    And most likely there are no use cases, which needs a pre fetch of users. 

    If you can work with groups, that is fine. If you have a firewall rule, which needs a user for example, that could be a use case of pre fetching (rare). 

    If you use SSLVPN / Ipsec, you can work with the group and it will create the users for you. 

    Web Proxy can work with the group and no need to fetch the users upfront. 

    Firewall the same. 

    Administrator role to create webadmin admins is tied to the user, not the group, so that use case could be potentially be a fetch scenario. 

    __________________________________________________________________________________________________________________

  • 0

    In addition to the other's answers, I would recommend to put SFOS V19 into your trial.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    Thanks for all of your replies.

    It's just for web filtering, so no pre-fetch required

    I'm coming from a UTM background so still trying to get my head around things!

    Chees

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?