- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
AD User override by service account for internet access (Internet access issue)
we are facing internet access through the Explicit Proxy mode with AD user authentication. Though they are already login to his PC with his domain logon , some time later original account override by service account(MacAfee antivirus update account)which showing in the Fortigate Log "Firewall User Monitor". As a result many of our users facing the problem more frequently.
Anyone please help me.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Fix is to add these service accounts to Ignore List in Collector Agent.
Best Regards,
Alivo
livo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Alivo,
Thank you for quick reply. I was applying ignore list in collector agent like this KB https://kb.fortinet.com/kb/documentLink.do?externalID=FD38828 but when we was applying KB, some user does not to be get internet access until restart the user PC. So what is the actual issue about this and how it will be solved?.
Best Regurds,
Masum
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Masum, Thank you for feedback. That would mean the users logons were not available anymore (or never). Restarting PC would also mean a new domain logon once user signs in. That is why the internet traffic works again.
This will work until the user is removed due to dead entry interval timer (whether expected or not) or when there was another unwanted logon override. That often happens with already mentioned service accounts. Support, in such cases, will ask you for Collector Agent log in debug level. It contains nearly all information for us to see what happened to user logon after they notice the internet does not work. Not that I am suggesting to you to troubleshoot yourself but the info is there. It will show us for example these logon overrides, changes in IP addresses.
Best Regards,
Alivo
livo
