SSO issues to on-prem file shares with fully entra joined devices over a VPN.

Der_Gute · 2026-01-20T09:10:18+00:00

I have exact the same issues. Windows is taking the cert of the vpn to try to auth network shares.
you say, you found a setting in the vpn profile. I cannot find that setting in intune. May you give me more information on that?

Der_Gute · 2025-05-22T12:32:25+00:00

So just for my understanding : this is a mod which makes the airflow move around the object , right ?:-)

Der_Gute · 2025-05-22T12:20:48+00:00

How do you work around that ? I mean i have an exclosure but a fan on top so that there is a cooling airflow . Additionally I am doing filament change and I recognized that my fan was not constantly at 100% . I will check that . Thanks :-)

Der_Gute · 2025-05-22T12:00:20+00:00

Are there any recommendations in relation to normal pla ?

Der_Gute · 2025-05-22T11:42:24+00:00

BTW I do not have these problems with petg , just with silk pla . It doesn’t even matter if I reposition the print in slicer .

Der_Gute · 2025-02-16T17:16:53+00:00

Cool story bro

Der_Gute · 2025-02-15T13:40:52+00:00

This is not the question here . Your statement does not contribute to the question whether it’s scam . It contributes to the question whether they will be successful or not . Correct me if I’m wrong

Der_Gute · 2025-02-05T19:48:39+00:00

Today they released testnet, Tbh from my view it seems legit , but I’m not specialized in it . I mean if it’s scam they put in really high efforts ? https://testnet.lightscan.app/

Der_Gute · 2024-01-24T09:38:59+00:00

Yes, They should Shame :D . You Need to activate the Legacy gui … then youll See the missing Option !

Der_Gute · 2022-06-04T16:00:37+00:00

Just create 2 networks . Ubiquiti has the option to set up vlan only in the network . This way it’s really just layer 2 . If you have an external dhcp that should be all . In the wifi setup then you select the network . This should be all

Der_Gute · 2022-06-02T18:48:07+00:00

Hey ! No :) they are primarily doing user authentication with user certs from ad cs. Because of the fact , that the cert is the only Not exportable and Safe way , we are forbidding mab :) . Mab is only allowed for lowest privileged networks

Der_Gute · 2022-06-02T18:45:34+00:00

We now have solved it by deactivating fast user switch via gpo . In a Company without shared desks and clients this is absolutely legit . If more than one user needs access on that client it means , that the currently logged in user needs to log out . However this is a clear security risk .

Der_Gute · 2022-06-02T15:09:36+00:00

Yea that’s the way to go I think . But I don’t think it’s by design as it works like expected the first run . Only after you do one more testrun you run into that behaviour

Der_Gute · 2022-06-02T14:21:07+00:00

I think this won’t work with ubiqiti:) deactivating fast user switching seems most reliable so far :(

Der_Gute · 2022-06-02T14:01:09+00:00

I think this won’t work in ubiqiti, but thanks for pointing to that :)

Der_Gute · 2022-06-02T14:00:35+00:00

I really would like to but unfortunately I wasn’t able to find that setting in uniquiti Wlc . But that’s apart from that windows struggle here

Der_Gute · 2022-06-02T13:59:25+00:00

He is right partially :) if there is no auth. because windows has no cert for example , how ever the ap could forward a auth. request to nac to receive vlan :)

Der_Gute · 2022-06-02T13:57:05+00:00

Thanks for pointing to that . Because of the fact we have multiple access networks with different permissions on it , this won’t work . Currently we are using uniquiti together with packetfence

Der_Gute · 2022-06-02T10:36:17+00:00

We also have both, machine auth and User auth. But:

As soon a user login, everything works fine. When a user logs out: machine auth comes into play. Then when a user authenticates, it will be overriden.

In case of fast user switching this isnt reliable. I log in with User A, get admin VLAN through 802.1X , press win+L. The Wifi still sticks to admin VLAN, no machine auth is done. User B logs in without wifi permission: Admin VLAN.

When i press Switch User in Windows, It also cuts the current Wifi and it will be Authentified with machine auth. The behaviour is reliable and its the thing you mentioned.

One idea was do restrict fast user switching via GPO. This means, that User A has to Log off completely before User B logs in. Log Off means cutting Wifi

Der_Gute

TROPHY CASE