Filter
Top Products
User Management
1079
SonicOS 5.8.1 Administrator Guide
Step 12 Click the Users tab. The User Settings page displays.
Step 13 Check the box next to Allow only users listed locally to allow only users listed locally on the
appliance to be authenticated.
Step 14 Check the box next to Simple user names in local database to use simple user names. When
selected, the domain component of a user name will be ignored. User names returned from the
authentication agent typically include a domain component, for example, domain1/user1. If this
box is not checked, user names in the local database must match exactly the full names
returned from the agent, including the domain component.
Step 15 Check the box next to Allow limited access for non-domain users to allow limited access to
users who are logged in to a computer but not into a domain. These users will not be given
membership in the Trusted Users user group, even when set locally, and so will not get any
access set for Trusted Users. They are identified in logs as computer-name/user-name. When
using the local user database to authenticate users, and the Simple user names in local
database option is disabled, user names must be configured in the local database using the
full computer-name/user-name identification.
Step 16 If your network includes non-Windows devices or Windows computers with personal firewalls
running, check the box next to Probe user for and select the radio button for either NetAPI or
WMI depending on which is configured for the SSO Agent. This causes the SonicWALL network
security appliance to probe for a response on the NetAPI/WMI port before requesting that the
SSO Agent identify a user. If no response occurs, these devices will fail SSO immediately. Such
devices do not respond to, or may block, the Windows networking messages used by the SSO
Agent to identify a user.
Step 17 In the Probe timeout field, enter the number of seconds that the firewall should wait for a
response from the agent on the NetAPI/WMI port. The probe is considered failed after this
period. The default is 5 seconds.
Step 18 To enable probing on the NetAPI/WMI port without aborting the SSO attempt if the probes fail,
select the Probe test mode checkbox. Probe test mode is used to ensure that the probes do
not cause failures where SSO could have worked if they were not used. If probe failures are
reported when SSO is working, then either the probe timeout is too short or something in the