SSO LDAP Group refresh not working
Thomas_Buergis Enthusiast ✭✭
edited September 2021 in High End Firewalls
There is no configuration to force an LDAP Group refresh for a logged-in SSO user.
Even after hours, the firewall does not notice that the user has been removed from an LDAP/AD group. The only workaround is to log out all existing users on the firewall, so the SSO kicks in again and looks up the group memberships.
Any other suggestions? Any plans to introduce an LDAP group membership interval?
@Thomas_Buergis IMHO there is no such thing as an automatic refresh of LDAP Group Membership for authenticated Users through SSO. In my experience I had to log out the user manually via Monitor -> User Sessions -> Active Users to gather the latest Group Membership.