Has anyone deployed FSSO on AVD that sits behind a pair of FortiGate NVAs in an Azure hub-spoke topology?
It's a basic idea in principle but I can't see that anyone has ever written a blog about it or even asked on a forum.
Basic High-Level Diagram:
Created on 04-09-2022 08:21 AM Edited on 04-09-2022 08:21 AM
Hi
I don't see the reason why it should not work
FSSO requirements are generic :
PC joined in domain
FSSO CA to have access to Domain Controller Event logs if the polling method is used
Server where FSSO CA is installed to be in domain too
Proper DNS resolution since FSSO is IP based
We tried and it didn't work. Involved support and we were told it wasn't supported.
AVD (at least, in our architecture) is actually a modified Windows 10 desktop running in terminal server mode. Meaning that you have 15+ users on the same VM. If you use the traditional FSSO DC agent, this will have the same effect as on a TS, the last users to login to the desktop will determine the rights of all users on that same VM.
We tried using the FSSO TS Agent but couldn't get it to work. That's where the support told us it wasn't supported in that particular context.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.