Comments
-
No it doesn't have in-built option to send notification email on login failures, but you can configure SIEM tools (like Splunk) to check for events from SMA and detect login failures. You will need to enable "Accounting records" under Realm and configure your SIEM tool details under Logging → Configure Logging →Syslog…
-
I just found out that partial import of configuration will also include TOTP user accounts. So you dont really need to do full import just to get TOTP user accounts.
-
Am assuming that by MFA you mean TOTP user accounts. Without CMS, you will need to export the configuration manually and import on the target appliance. You will also need to un-check the "Partial configuration" option while importing to get the TOTP user accounts. Be careful and validate the network settings and other…
-
Ya, it may not be, but this will need analysing logs/traces/config, which is risky to be shared on public forum. Please get in touch with Tech Support.
-
There could be some conflicts with network routes, will need reviewing network traces, logs and config. Could you reach tech support with them?
-
Reverse proxy is designed to work with HTTP traffic. So, it wont work with NetExender. Try a firewall instead of reverse proxy.
-
It is not clear how you configured SMA to do EPC using AD certificate. Try if this helps, End Point Control → Profiles →New →Platform (Windows/Mac/Linux) → Add → Client certificate. You can add this to a zone and add the zone under Device zones of your community. If you dont want users to connect from devices without this…
-
This will need reviewing the client logs. You can reach tech support for that.
-
If they have client version 12.4.0.680 or later, they do not need admin permission to upgrade.
-
Technically, yes 12.4.0 client will be able to work with 12.4.2 server. But you will lose out on the new features related to clients. Do note that clients can be automatically be upgraded to the version available on appliance when they connect next time. You can find this option under each Community settings page on AMC,…
-
There is absolutely no way to skip 2FA when configured. I don't think you can use a realm with 2FA for ActiveSync/Outlook access. You might need to create another realm/AD without 2FA just for this and update your ACLs. Can you reach tech-support with this query, that should help Engineering team to take a note of this…
-
Yes, pform-hotfix-12.4.0-03189 contains fix for the LM communication issue discussed above.
-
@Nat - Fix for LM communication issue is available on HF versions pform-hotfix-12.4.0-03189 and pform-hotfix-12.4.1-02698. Since SMA1000 HF's are cumulative in nature, all the HF versions above these versions will also contain the fixes. You should always pick the latest available HF for your firmware version as that will…
-
If you have configured "autodiscover.domain.com" as the "Exchange autodiscover FQDN" and public DNS is resolving "autodiscover.domain.com" to SMA, you can test the Autodiscover response using the testing tools provided by Microsoft. Just accessing autodiscover URL (HTTP GET method) will not give you the autodiscover…
-
@ASTech2020 - you can create one device profile with multiple device IDs which will be much more easier to maintain compared to multiple device profiles, unless you have specific reason to do so. In order to test whether the device IDs are being effective or not, you can create new ActiveSync device profile without any…