Default domain on contemporary 500v
Hey how can i make the default on the contemporary interface be "mydomain.ca". Currently, if you try and log in with contemporary interface, it defaults to LocalDomain.
The classic interface defaults to "mydomain.ca"
Why the inconsistency? can you tell me how to default to my domain or failing that, how to disable the contemporary interface for everyone? i dont want to answer a hundred questions about why peoples login's don't work because they have selected the wrong domain... this should be settable.
is it a bug or? please fix if so. thanks. its a 500v virtual appliance.
Best Answer
-
MasterRoshi Moderator
See GIF, sales.ad.sorosh.ca resolves to 192.168.200.50 by the way. @JamesD, @eol_sonicwall
6
Answers
Hi @eol_sonicwall ,
I don't believe you can, it's even worse that if you have multiple domains on a portal they are not sorted alphabetically.
Some of my complains can be found here:
Having a default domain seems to be a good idea for some scenarios.
--Michael@BWC
yeah as someone who has been supporting and using sonicwall devices for the last 15+ years, i would say thats par the course. They take forever to get new firmware updates out, bugs go unsolved for years, and then appliances go end of life with no resolution but to buy the newer model.
I really didn't want to jump back onto the sonicwall train, but they are stupid easy to use for my users, and everyone is familiar with the interface. Most other solutions i looked at were either too complicated, or didn't do basic things like rdp in a browser, or per user bookmarks....
Would be nice if they would fix the little things like this. Its hard for me to recomend them to others when they don't fix things that I know are super basic. I remember one time i had an old unit with a compact flash card get corrupted. They would not send me an image to install onto a replacement card, or even sell me the whole card itself. I had to buy a new $3000 appliance. That really pissed me off, but i was never able to find something that matched the features and ease of use to replace it with. So another sonicwall went in.
Even the 500v, its basically the exact same as my old SRA4000. They fixed the SMB bugs, removed all the java crap, and gave it a different UI skin, but i was very surprised when i fired it up. I mean there is something to be said for consistency of UI over generations.... but i often wonder if one guy designed the whole OS and then left the company years ago and now they are just doing bugfixes to an extremely old codebase that people are too afraid to change too much. How else could you explain trivial little things going unfixed for so long?
Well maybe the renewed attention being driven by work from home will spur their development team into greater action. I mean at least give me the option to force a default domain or a user interface preference onto everyone! that is super basic in my opinion.
Hello @eol_sonicwall,
I hope you are well!
Thanks
Knowledge Management Senior Analyst at SonicWall.
"Once selected,"
do you mean once selected by the user initially the first time? I do have a portal already created. As in, i have a virtual office under portals -> portals
Are you saying that every user has to flip it from localdomain? becuase yeah, thats the behaviour i am trying to correct. Can you please put it in as a feature request? i will just have to send a mass email to all my users letting them know of this deficiency and the work around.
@eol_sonicwall
By"Once selected ", I meant, Once a user selects a domain, log in and the consecutive logins should pop up the same domain.
In case this is not what you are experiencing, I would suggest checking with the Support team once.
Thank You
Knowledge Management Senior Analyst at SonicWall.
Hey @eol_sonicwall ,
We have a number of portals / domains that we have being setup as an MSP and all.
We have a different URL for each one of our customers. We make the sub-domain different for each customer.
So, customer.ourmsp.co.nz points to the customer portal and domain.
When the user goers to logon it then presents the correct domain.
The are then tunneled back into their own SonicWALL to their LAN or whatever is required via the use of bookmarks..
Is that the behavior you are after?
Best, Steph.
it presents the correct domain in the "please choose your domain" box?
actually it does for me too, if i use classic interface. On contemporary it presents always LocalDomain first. Yes i am using URLs and subdomains too. There is just one domain, not even multiple. One domain and 'localdomain' that is.
No pulldown, it is prepopulated..
ok well how did you do that?
and how do you switch to "localdomain" when you do need to administrate the actual backend of the appliance?
Hey @eol_sonicwall
You need to setup a Portal with a Virtual Host Domain Name.
For admin, just use the Virtual Office as normal and signon as an admin...
Kindly, Steph.
yes i do have a virtual host already. I am able to select it from the dropdown, then actually it goes to that page you have the screenshot of above. So i did have that page, it just defaults to LocalDomain, until you pick the correct domain one time and maybe it sets a cookie or something.
it does not use it like a normal "virtual host" would in say apache, that it takes the domain name the connection comes in on and uses that. That would be nice but does not seem to work that way.
So you have a separate portal setup for each scenario?
you think i should set a portal for localdomain?
I have only one domain. And LocalDomain. This request is to make it default to MY real domain, not localdomain, for users when they first bring up the webpage.
We use a separate portal to get the simple login
This is a couple of weeks old, but has anyone found another solution yet? The client is asking for the domain not default to LocalDomain and that is understandable. The problem with setting up a portal/virtual host seems to be that the desired domain is the same as their website domain, so trying to set up a virtual host for that name just takes them to their website.
Also is there a way to force the browser to not remember the creds, or is it since this is specifically a browser function that can't be done?
Option1:
@JamesD, you can force a default domain by editing the domains and deselecting the portals until there is only one domain. Afterwards, the option to choose a domain is not present and whatever domain is left is what will default for logins.
You need to have multiple portals for this solution. What I did was have my vpn.domain.com portal default to the AD domain and left virtual office as is. You can then access the SMA directly via IP address for LocalDomain management (even if it is the same IP as vpn.domain.com because the SMA will know from the client hello which portal you are trying to access).
Here is Option 2:
https://www.sonicwall.com/support/knowledge-base/how-to-hide-the-list-of-available-domains-from-the-virtual-office-portal/170502737651727/
Due to the poopy bird and marketing info, i just made a custom portal page. On that page i added the text to tell users to switch the drop down from "localdomain" to "domain.ca". Also a message is put there that they cant log on with their full email address, as people are very prone to doing because single sign on generally does not care whether the username has the domain part or not. The 500v does.
I havent had any users asking me about it because its right in their faces, the messaging.
Wish sonicwall would fix this, but they take forever for these little things and i cant wait around.
If you hide the domain list, then the users have to type in the domain manually, which is far worse and not a real solution.
@eol_sonicwall, you can just edit the localdomain in Portals -> Domains and deselect that portal and it will default to your main domain.
See my previous response.
Well someone can test that and see if it does. I feel like i did test it. The appliance is live right now so i am not going to go flipping settings around. In the screen shot from this page the domain is blank:
and i am pretty sure it didnt work when i tested it. But someone else can retest.
I have my previous response to be more clear @eol_sonicwall .
Here is option 1:
When you have multiple portals, you can deselect the portal from localdomain. This will stop localdomain from showing up as an option.
Option 2 is the KB.
MASTERROSHI, thanks for your help but so far I am unable to get the new portal I created working either. I did select the portal name under "domains" to be my new but it's still logging into local domain for some reason (by default and without and option to change it like in your screenshot from eariler). In the portal settings, in the virtual host tab I entered the proper domain in "virtual host domain name" but it's still defaulting to LocalDomain as stated. Any ideas?
Hi @JamesD
multiple portals usually work very well. All you have to do is setting the Virtual Host Settings.
Virtual Host Domain Name, e.g. sales.company.com, and of you course you have to access the portal by that name :)
Virtual Host Interface is set to All Interfaces, otherwise more specific firewall settings would be necessary.
Does your Virtual Host Certificate cover the Portal Virtual Host Domain Name as well?
Having multiple portals is a good way to separate Management from other Portals and IMHO highly suggested.
-Michael@BWC
Sorry for hijacking, but did anyone experienced the same that with Internet Explorer 11 you'll not be able to select a domain on the logon screen? The developer tools / console show some errors when clicking on the drop down box.
Is this a known issue?
--Michael@BWC
MASTERROSHI, thank you so much for your help. It's still not working for me. I found it a little counter-intuitive that you had both portals checked off in your sales domain. I am unable to check both off (my firmware version is different I guess because it has the more classic look to it). Also, my options under localdomain portal are different and I don't have all the same tabs as I do on the created portal. Though I don't think that matters much.
This has been a lot of work for something simple that should have been ironed out with even the most basic of QA testing. Oh well.
Also, it seems that the "classic mode" option does default to the proper domain name and your browser remembers to use classic mode on subsequent visits. But I am not finding an option to default to that mode. Is that somewhere in the config?
Hi @JamesD
there is no setting to have the classic mode as default for users who never connected to the appliance before. The only option is to point them to /cgi-bin/welcome.
It's causing so much confusion with customers, because the new design gets forced on them. I complained about that a lot but it seems as it is.
--Michael@BWC
I watched the gif. I downloaded and paused the gif with media player classic.
it does appear to work. I have the custom portal interface in the modern mode. It does force a first screen where you have to select from both domains (localdomain, and mydomain.ca) but it is defaulted correctly to mydomain.ca now.
I guess thats problem solved, but it sure doesnt feel like a victory.
Definitely thanks for the gif though, explained it perfectly.