FortiGate
pginete
Staff
Article Id 296243
Description

This article describes why the user is not prompted for authentication when accessing the server via SMB, even if the user is logged out.

Scope

FortiGate, FortiClient.

Solution

Diagram: [image: ZTNA SMB.JPG]

In this setup, the user is using SAML authentication and FortiClient on a Windows machine. The SAML IdP is FortiAuthenticator or a third-party SAML IdP (Azure, etc.).

The server can be accessed via SMB through the ZTNA TCP forwarding access proxy.

The user is prompted for authentication the first time the server is accessed via SMB.

The user is not prompted for authentication again, even if the user is manually logged out from the IdP or the authentication is changed in the FortiGate proxy policy or ZTNA policy.

This is by design and is the normal behavior.

To be prompted for authentication again, the user needs to shut down FortiClient on the workstation:

[image: shutdown forticlient.PNG]

Then restart it by opening the FortiClient application again.