Fortinet single sign on users showing as not verified.
The logon users list in the fsso shows over half of our users with the status of not verified. I have read up on this and it explains that the service Windows management instrumentation or remote registry if using that method to ascertain who is on the network, must be blocked.
I have added wmi as an exception to 12 users firewalls and the wmic command now works fine and returns the login username as expected. I did however expect the status of the 12 users to change to ok from not verified, this has not happened. Could somebody advise what else could be causing the not verified status.
Could you please check, if the firewall ports TCP 445 and TCP 135 are opened from FSSO server to end devices. Please check all the firewall in between FSSO and end devices, including Windows firewall on computers.
You can also try below mentioned command to check the result from FSSO server.
wmic /NODE:<WORKSTATION_HOSTNAME_OR_IP> COMPUTERSYSTEM GET USERNAME
Apart from that please ensure that DNS records are up to date for computer accounts.
**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.