The RMM Sophos software plug-in is polling all of the Partner's Customers. It is the Sophos Plugin running on the Partners Server that is the source of the request. These are entries made by your Partner's RMM applications that utilize our Sophos plug-in/Management APIs. Please whitelist the IP addresses from the Europe region: Ĭentral Dashboard Audit Logs: repeated "Access Denied" entries referencing 'alerts:read' and 'endpoint-state:read'Ĭustomers (Central Dashboard and Enterprise Dashboard), as well as Partners (Partner Dashboard) - could see excess amounts of Audit log entries that reference both 'alerts:read' and 'endpoint-state:read'. This requires customers on-premise IDP server to be able to communicate with Auth0’s servers. Sophos Federation login utilizes Auth0 as a third-party proxy service for integration with different IDP providers. One common reason for these errors is a result of customers' local IDP server being behind a firewall with regional restrictions that is preventing communication with Auth0 services hosted in Europe. (Okta) Attempting to log in via SSO you receive an "Expected 200 OK, got: 403 Forbidden" error (ADFS) "Failed to change IDP status" error attempting to add a new Identity Provider configuration. The footer information incorrectly states ‘Groups’ when it should state ‘Users’.Ĭentral Federation login: "Failed to change IDP status" or "Expected 200 OK, got: 403 Forbidden" errors When viewing the contents of a group within the People > Groups section. In the interim of this being removed, the icon should be ignored.Ĭentral Users > Groups section: When opening a group, the footer total should say Users (not Groups) The customers' dashboard does not have an Optix trial enabled. The Partner Dashboard ‘Sophos Customers’ page, may incorrectly show an empty Optix trial icon for one or more customers. Partner Dashboard: Sophos Customers page - A Cloud Optix trial icon may incorrectly show for next to some Customers. If a Partner needs to refresh the Alerts webpage (and there is a Customers Dashboard loaded in another tab), logging out of the Customers Dashboard first will avoid encountering this issue. There is a known behavior seen where the Partner Dashboards Alert page will not load fully if the browser webpage is refreshed after they have opened a customer to manage in a different tab. Partner Dashboard: Refreshing the Partners Alert page will fail to load if a customer is loaded in another tab. The alert can be acknowledged when its identified as related to this known issue. If this is related to this known issue, you will not see an extra banner, and your sync is normal/successful. If this was a legitimate error, you will see a banner with the same message stating API permissions are missing, and the sync would fail. What to do if you receive this alert: go to your Global Settings > Directory Services > select your Azure AD sync service in question. While the timeout is temporary, it is incorrectly triggering this alert to be sent. This alert is incorrectly be triggered due to a timeout with the Azure AD sync. Some customers may see an alert in the dashboard showing the message: “Microsoft API permissions are missing." Even when the permissions are correctly configured. Central Dashboard: Medium Alert that states The Graph Api permissions are missing.
0 Comments
Leave a Reply. |