16
General Discussion / Active Directory - SSO
« on: September 28, 2018, 01:37:42 am »
As I mentioned in another thread, I am evaluating this platform as a replacement for my business customers.
My initial research shows that the only AD-sync that can be done is manually... While pfSense and most other enterprise platforms offer an AD sync option.
I saw a thread here with conversation between and end user and maybe Franco, where the value of an automatic or real-time sync was questioned...
Quite simply put - I do not know any SMB, mid or enterprise admin that wants to manually sync a firewall to AD every time a users is added or a security group or OU is changed.. let alone every time a user changes their AD credentials. That is insane! Unless I am missing something, that is the case here.
In most business networks, AD is used and AD credentials are reset regularly, most often by end users. If this firewall is used as the VPN concentrator, then user's will be constantly locked out until a resync is done or user's are manually added to the firewall....
Honest question (no disrespect meant to anybody). Is this an honest business product, or a fancy home firewall/router targeted at tech savvy bit twiddlers tired of DD-WRT or mad at pfSense for selling out?
My initial research shows that the only AD-sync that can be done is manually... While pfSense and most other enterprise platforms offer an AD sync option.
I saw a thread here with conversation between and end user and maybe Franco, where the value of an automatic or real-time sync was questioned...
Quite simply put - I do not know any SMB, mid or enterprise admin that wants to manually sync a firewall to AD every time a users is added or a security group or OU is changed.. let alone every time a user changes their AD credentials. That is insane! Unless I am missing something, that is the case here.
In most business networks, AD is used and AD credentials are reset regularly, most often by end users. If this firewall is used as the VPN concentrator, then user's will be constantly locked out until a resync is done or user's are manually added to the firewall....
Honest question (no disrespect meant to anybody). Is this an honest business product, or a fancy home firewall/router targeted at tech savvy bit twiddlers tired of DD-WRT or mad at pfSense for selling out?