HI, I'm trying to get the Sophos XG appliances (SFOS 19.5) talking over Kerberos instead of NTLM. I can't see that the appliance has domain joined - no computer object. There are no SPN records created The appliances FQDN are different to the internal domain - eg xg.mydomain.com vs the internal domain where if it was domain joined it would be xg.local.mydomain.com The internal domain is local.domain.com but all the user's email addresses are domain.com The authentication server profiles have the Domain Name field set to mydomain.com so the email addresses are correct for users on the appliance I'm assuming it's not working due it not being joined and no SPN records existing. Thoughts, tips, solutions welcome. The Sophos documentation seems to be very little on the subject. Thanks

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD SSO and Kerberos

balletbob over 2 years ago

HI,

I'm trying to get the Sophos XG appliances (SFOS 19.5) talking over Kerberos instead of NTLM.

I can't see that the appliance has domain joined - no computer object.
There are no SPN records created
The appliances FQDN are different to the internal domain - eg xg.mydomain.com vs the internal domain where if it was domain joined it would be xg.local.mydomain.com
The internal domain is local.domain.com but all the user's email addresses are domain.com
The authentication server profiles have the Domain Name field set to mydomain.com so the email addresses are correct for users on the appliance

I'm assuming it's not working due it not being joined and no SPN records existing.

Thoughts, tips, solutions welcome. The Sophos documentation seems to be very little on the subject.

Thanks

This thread was automatically locked due to age.

Parents

Reply

Children

No Data