The WatchGuard SSO Exchange Monitor is an optional component of the WatchGuard SSO solution that you can install for users who do not have the SSO Client and who use computers with Mac OS X or mobile devices that run iOS, Android, or Windows mobile. The SSO Exchange Monitor enables the SSO Agent to get user logon and logoff information for those users.
To use the Exchange Monitor, you must install it on the same server where your Microsoft Exchange server is installed. The Exchange Monitor can then review the IIS service logs on your Exchange server to get logon and logoff information for your users. When the SSO Agent contacts the Exchange Monitor to find out if a user who wants to authenticate has a current session, the Exchange Monitor sends the logon and logoff information for the user to the SSO Agent. The SSO Agent can then allow or deny the user a connection to the XTM device.
On the computer where you install the Exchange Monitor:
There are two installer file options for the SSO Exchange Monitor. Make sure to select the correct installer file for your server environment:
To download an installer file:
On the server where your Microsoft Exchange server is installed:
For example, if your domain is example.com and you use the domain account ssoagent, type example\ssoagent.
You can also use the UPN form of the user name: email@example.com. If you use the UPN form of the user name, you must include .com or .net with the domain name.
When the wizard completes, the WatchGuard Authentication Gateway service starts automatically. Each time the computer starts, the service starts automatically.
After you complete the Authentication Gateway installation, you must configure the domain settings for the SSO Agent and Exchange Monitor. For more information, see Configure the SSO Agent.
About Single Sign-On (SSO)
Install the WatchGuard Single Sign-On (SSO) Agent
Install the WatchGuard Single Sign-On (SSO) Client
Enable Single Sign-On (SSO)