Other accounts on the domain

Identification by SSO agent may be cancelled on the firewall if the user of the workstation uses a different login on the domain. This second identification is relayed by the domain controller which replaces the initial session.

These cases occur especially for the following types of access:

  • Logging on to an intranet using the kerberos and/or ntlm method,
  • Mounting of shared remote resources (files, printers) via the SMB protocol,
  • Connecting to RDP Terminal Services on a remote server.