SSO Agent Status Down / Icon Red
03/26/2020 100 10536
The Status LED of the SSO agent may sometimes show red and the status displays “down” after an installation of the Directory Connector on a server. This could be related to different reasons:
- SonicWall can't communicate with the SSO Agent
- Shared Key is not matching
- SSO Server is not accepting the communication
Here's the troubleshooting steps:
- Make sure the SonicWall can communicate with the SSO Agent on the port 2258. You may run a packet capture to make sure all packets are Generated and replies are coming back.
NOTE: Packets towards the SSO Agent should be showed as Generated as the firewall is creating those packets.
- If no replies are coming back, it could be that a local firewall/AV is installed on the machine or the SSO Services are not correctly running on the computer. Please make sure the SSO Agent (Directory Services Connector) is up-to-date and that the machine is not blocking the SSO Requests. It could also be something in the network that is not delivering packets to the SSO Agent.
- If SonicWall and SSO are communicating, please make sure the Shared Key is the same on both ends.
- If everything is configured as above, they communicate but the SSO still shows as Red, the handshake has to be analyzed to see if the SSO Agent is closing the connection. It could be that a clean installation of the SSO Agent is necessary.
CAUTION: Sometimes some of the permissions on the server are not allowing the traffic.