topic Re: How to verify authentication mechanism used in SASE and Remote Access

How to verify authentication mechanism used

prasannat — Fri, 25 Sep 2020 08:35:03 GMT

I have a scenario where users had local accounts created on firewall and now we have created user accounts in the Active Directory. The local accounts are to be deleted and all users should authenticate via AD only in future. To avoid disruption and migrate all the AD based accounts smoothly, how to identify if user is authenticating locally or via AD.

Re: How to verify authentication mechanism used

funkylicious — Fri, 25 Sep 2020 09:13:31 GMT

In the logs you can check after the Key install logs, for the Decrypt packets and the field called Src User Dn which should contain the full path for the user in AD.

Re: How to verify authentication mechanism used

prasannat — Wed, 30 Sep 2020 09:26:53 GMT

Thank you for your response. I managed to find the field, is there a way to export this information for all users which have this filed populated.

Re: How to verify authentication mechanism used

funkylicious — Wed, 30 Sep 2020 09:48:07 GMT

You would require to do a ActiveDirectory query for all users and get the distinguishedName attribute.

It's basically the full path to which the AD user is found in the Forest/Domain .

Re: How to verify authentication mechanism used

G_W_Albrecht — Wed, 30 Sep 2020 14:00:55 GMT

Try in SVTracker to show the column, filter and export.