Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Products
- Private Access
- Domain/UPN change causes Priv Access Gateway to no...
Domain/UPN change causes Priv Access Gateway to not connect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2022 07:48 PM - last edited on 07-19-2022 08:45 PM by kh-cathy29811
Hello,
We encounter an issue that when a user's domain / UPN changes from say:
admin@contoso.local > admin@newcontoso.local
The private gateway will fail to establish
In my env Netskope is setup in MultiUser mode(v93.1.0.951) and is integrated with Azure AD for user provisioning / SSO
Reinstalling the Netskope client doesn't resolve the issue
Looking at the device within the Netskope Admin console its client status is 'Multiple Statuses' it will show the same user with both the new domain and the previous domain
Looking at the users profile (updated domain) it will report that the client status is up but physically on the workstation the tunnel will be down and non functional
The only solution that works is to reimage the workstation or assign another device, which feels insane
Has anyone seen this before or have any advice on a resolution?
Cheers,
- Labels:
-
domain
-
multi-user mode
-
sso
-
Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2022 09:06 PM
Hi, @lmunro . Thank you for reaching out! A Netskope expert from our community team will get back to you as soon as possible. In the meantime, if any community member knows the solution, please reply to this thread!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2023 02:24 PM
Hi Imunro,
I'm trying to do the same thing with changing the user's domain and having the same issue. We have Azure AD set up and are syncing identities from there. The change in the username is showing up in the list of users in the settings (under Security Cloud Platform > Netskope Client >Users). However the updated username is not reflected in the SkopeIT users and we have to add the new username back to the private apps.
As a workaround we are uninstalling the client and sending a new invite to the updated email address. This isn't ideal as it is creating duplicate users for the devices they use.
If anyone else has run into this issue and has any other way of fixing it I'd be happy to hear.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-08-2023 03:17 PM
Hi @LaytonLS
Not sure if the new versions have made this better but the process is a lot better than it was
Below are the steps I follow for a UPN Suffix Update on a user, do mind this on a Hybrid Setup with Azure and domain bound devices
Sync Azure AD to Netskope
Check Netskope has new UPN in Settings > Security Cloud Platform > Users
Log into device with new username
Using cmd execute "whoami /upn" it should display the new UPN this is important
Clear "APPDATA\Roaming\Netskope" and restart
Login and check netskope works
Should have a private gateway IP assigned
Otherwise perform another reboot
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- CASB Operationalization Dashboard in Advanced Analytics Dashboard
- SSPM : Monitoring Salesforce Delegated Group settings with SSPM in Security Posture Management
- PAC file in Server in Next Gen Secure Web Gateway (SWG)
- NPA policy source: "all users" vs "'Domain Users' AD group" in Private Access for ZTNA
- [HOW-TO] - Silently Deploy the Netskope Client for MacOS Using Workspace ONE in Next Gen Secure Web Gateway (SWG)
-
NPA
45 -
ztna
15 -
private access
14 -
publisher
9 -
Netskope Private Access
7 -
netskope client
6 -
Private App
5 -
NSClient
4 -
Private Apps
3 -
Browser Access
3 -
Re-authentication for Private Apps
3 -
Zero Trust
3 -
MacOS
3 -
SAML
2 -
sso
2 -
Client
2 -
okta
2 -
Private App Discovery
2 -
clientless
2 -
Authentication
2 -
client update
2 -
browser
2 -
DNS Resolver
2 -
AWS
2 -
Network Privete Access
2 -
multi tags for NPA apps
2 -
Config Update
1 -
ps-tip
1 -
fleet
1 -
ipsec
1 -
IDP
1 -
SCCM
1 -
App Discovery
1 -
Policy Hit Count
1 -
Threat Protection
1 -
User Group
1 -
Real-time Policy
1 -
Netskope Endpoint Client
1 -
Prelogon
1 -
PQDN
1 -
best practice
1 -
tunnel
1 -
Azure PaaS
1 -
FQDN
1 -
domain
1 -
Azure AD
1 -
file size
1 -
Support
1 -
Chrome
1 -
jamf
1 -
VPN Client
1 -
EC2
1 -
same access
1 -
Reverse Proxy
1 -
configuration
1 -
Auto Scaling
1 -
Home Office
1 -
Events
1 -
Netskope Agent
1 -
Home Access
1 -
update
1 -
APIv2
1 -
Preference VPN
1 -
DNS over TCP
1 -
Azure
1 -
SSL bypass
1 -
Preference NPA
1 -
install
1 -
Script
1 -
CASB
1 -
multi-user mode
1 -
CIDR
1 -
Automation
1 -
Pre-login
1 -
Best Practices
1 -
overlap
1 -
jumpcloud
1 -
CRL
1 -
NG-SWG
1 -
CIDR Overlap
1 -
traffic steering
1 -
PreLogon Tunnel
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In