Netskope Agent disabled/Fail Close when AD account is locked out

  • 14 June 2022
  • 4 replies

Badge +2

Hello All,


I was wondering if it is normal for Netskope to go into disabled and then into Fail close if the user account in AD gets locked out.  I don't see anything in our agent arguments that would imply it is installed with fail close.  As well, I have the fail close option unchecked on our client configuration.  The only thing I have read is that I have a password set for tamper proofing, which is a prerequisite for fail close. 


Has anyone come across this situation before?

4 replies

Badge +8

Thank you for your question, @SirRobert. A Netskope expert from our community team will get back to you as soon as possible. In the meantime, if anyone else has any ideas that you feel may help, please reply here!

Badge +5

this is an interesting question, if the netskope client is configured to failclose (and failopen), what happen when the account/userid is disabled?   can the user login and get to the internet ?

If Account Is disabled So You Can't Login In Your Netskope Tenant , Ya You Can access Internet But Your Traffic Will Not Go through Netskope Client 

Badge +6

Hi, does that mean Netskope's fail close mechanism can not block unregistered user with agent installed in their endpoints accessing to the internet?