SSO Agent Status Down / Icon Red

03/26/2020 170 People found this article helpful 483,991 Views

Description

The Status LED of the SSO agent may sometimes show red and the status displays “down” after an installation of the Directory Connector on a server. This could be related to different reasons:

SonicWall can't communicate with the SSO Agent
Shared Key is not matching
SSO Server is not accepting the communication

Resolution

Here's the troubleshooting steps:

Make sure the SonicWall can communicate with the SSO Agent on the port 2258. You may run a packet capture to make sure all packets are Generated and replies are coming back.
NOTE: Packets towards the SSO Agent should be showed as Generated as the firewall is creating those packets.
- If no replies are coming back, it could be that a local firewall/AV is installed on the machine or the SSO Services are not correctly running on the computer. Please make sure the SSO Agent (Directory Services Connector) is up-to-date and that the machine is not blocking the SSO Requests. It could also be something in the network that is not delivering packets to the SSO Agent.
If SonicWall and SSO are communicating, please make sure the Shared Key is the same on both ends.
If everything is configured as above, they communicate but the SSO still shows as Red, the handshake has to be analyzed to see if the SSO Agent is closing the connection. It could be that a clean installation of the SSO Agent is necessary.