This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN and Active Directory Password Reset Behavior

Hi All,

I have a question on the behavior on the SSL VPN.

Its setup to allow Active Directory users: So with this behavior User A logs in to the User Portal for the first time, his account is auto generated, he can download the SSL VPN installation files and install them, then he connects with the SSL VPN with his Active Directory (windows) user name & password.

My question is, what is the behavior when he or she changes his Active Directory password? As the password expires on all AD accounts every 90 days.

Thanks for your help!

This thread was automatically locked due to age.

0 BAlfson over 11 years ago

By default, the UTM caches the password for 5 minutes, so passwords expiring at midnight should not cause a problem.

I used to do the same thing, creating users automatically when they logged into the User Portal. Now, where Active Directory (or eDirectory) is available, I just use 'Prefetch directory users' to sync the users and select 'Enable backend sync on login'. This limits the number of synced users to those that need to be synced. See #6 in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065.

Cheers - Bob
PS I just did cc get auth cache_lifetime on our UTM and the reselt was 300 - confirming the number above. Depending on the number of backend users and the power of your UTM, this value could be set to a shorter time, but I wouldn't recommend it.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

SSL VPN and Active Directory Password Reset Behavior

Submitted a Tech Support Case lately from the Support Portal?