I am running into a problem where we have multiple AD user groups for applying different Web Filter profiles. Everything appears to be correct in that the users are identified with the appropriate group & receive the correct Web Filter profile. User status in FSSO is " OK" . After a period of time the users status in FSSO changes to " Not Verified" and they begin receiving a different (Guest) Web Filter profile.
DC agent is running in polling mode.
When on the DC in Computer Management I cannot connect to another computer. I can however do a \\machine name or IP address from the start menu - But not in Computer Management. Per Fortinet support the FSSO agent will see the original user logon via the event logs & will query the user after a period of time to verify they are still logged in since there is no event log if they log off. Support states they cannot help me until I can connect to another computer via Computer management. We have verified the WS firewall is off, the remote registry service is set to auto & running. I found some information regarding a specific registry key permission, but it has not made any difference.
Any help would be appreciated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.