Log in

Sangfor Support Center

Table of Contents
< All Topics
Print

[IAG] DingTalk authentication needs to restrict users outside the organizational structure from being allowed to authenticate

Posted
Updated
Byadmin
Views1

Problem Description

DingTalk authentication is configured, and user authentication is normal. However, users who are not in the customer DingTalk organizational structure can also successfully go online through OAuth authentication.

Process——

  1. The user's DingTalk authentication is normal;
  2. Users who are not in the DingTalk organizational structure of customers can also open the DingTalk authentication page normally and the authentication is successful and the oauth authentication is online;

solution

  1. Upgrade the device to IAG12.0.26 or above;
  2. In the DingTalk authentication server, check "Automatically obtain the user's group" and enter the correct parameters;

    735275d5beb991a6b7.png (69.33 KB)

Original Link

https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=7096&isOpen=true