Support on SonicWall Products, Services and Solutions
Browse Knowledgebase by Category
How to Configure the SonicWall SSO Agent Software
03/26/2020 
1453 
18279
DESCRIPTION:
The SonicWall SSO Agent communicates with workstations using NetAPI or WMI, which both provide information about users that are logged into a workstation, including domain users, local users, and Windows services. WMI is pre-installed on Windows Server 2003, Windows XP, Windows ME, and Windows 2000. For other Windows versions, visit www.microsoft.com to download WMI. Verify that WMI or NetAPI is installed prior to configuring the SonicWall SSO Agent. The .NET Framework 2.0 must installed prior to configuring the SonicWall SSO Agent. The .NET Framework can be downloaded from Microsoft at www.microsoft.com.
Please Note: When using Single Sign-on, SSO agent tries to identify the logged in user by querying the workstations using NETAPI or WMI protocols. NETAPI and WMI require "file & print sharing" enabled on the end workstations.
RESOLUTION:
To configure the communication properties of the SonicWall SSO Agent, perform the following tasks:
Step 1 Launch the SonicWall Configuration Tool by double-clicking the desktop shortcut or by navigating to Start | All Programs | SonicWall | SonicWall Directory Connector | SonicWall Configuration Tool.
NOTE: If the IP address for a default SonicWall security appliance was not configured, or if it was configured incorrectly, a pop up will display. Click Yes to use the default IP address (192.168.168.168) or click No to use the current configuration.
- If you clicked Yes, the message Successfully restored the old configuration will display. Click OK.
- If you clicked No, or if you clicked Yes but the default configuration is incorrect, the message SonicWall SSO Agent service is not running. Please check the configuration and start the service. will display. Click OK.
- If the message SonicWall SSO Agent service is not running. Please check the configuration and start the service displays, the SSO Agent service will be disabled by default. To enable the service, expand the SonicWall Directory Connector Configuration Tool in the left navigation panel by clicking the + icon, highlight the SonicWall SSO Agent underneath it, and click the (Play) button.
Step 2. In the left-hand navigation panel, expand the SonicWall Directory Connector Configuration Tool by clicking the + icon. Right click the SonicWall SSO Agent and select Properties.
Step 3. From the Logging Level pull-down menu, select the level of events to be logged in the Windows Event Log. The default logging level is 1. Select one of the following levels:
• Logging Level 0 - Only critical events are logged.
• Logging Level 1 - Critical and significantly severe events are logged.
• Logging Level 2 - All requests from the appliance are logged, using the debug level of severity.
NOTE: When Logging Level 2 is selected, the SSO Agent service will terminate if the Windows event log reaches its maximum capacity.
Step 4 In the Refresh Time field, enter the frequency, in seconds, that the SSO Agent will refresh user log in status. The default is 60 seconds.
Step 5 From the Query Source pull-down menu, select the protocol that the SSO Agent will use to communicate with workstations, either NETAPI or WMI.
TIP: NetAPI will provide faster, though possibly slightly less accurate, performance. WMI will provide slower, though possibly more accurate, performance. WMI is pre-installed on Windows Server 2003, Windows XP, Windows Me, and Windows 2000. Both NetAPI and WMI can be manually downloaded and installed. NetAPI and WMI provide information about users that are logged into a workstation, including domain users, local users, and Windows services.
Step 6 In the Configuration File field, enter the path for the configuration file. The default path is C:\Program Files\SonicWall\DCON\SSO\CIAConfig.xml.
Step 7 Click Apply.
Step 8 Click OK.
