WSS agent user running on MacOS can authenticate with SAML and browse allowed sites without issues.
Periodically, instead of being asked to authenticate to the SAML IDP server, the user simply sees the following message on the console:
"No user logged on at physical console"
If you see "Waiting for console user to log in" you should also see "has logged in - continuing CTC" in diagnostic log, which was not the case when it failed.
This should not happen with MacOS as there is always a logged in user on console.
Only seems to happen with a reboot/restart - any RECONNECT always works fine.
WSS Agent 8.2.1
Race condition between console notification thread and CTC module.
Apply WSS Agent 8.2.2
WSS Agent disgnostic info showed the following info when the MacOS user was clearly logged in.
[10-05-2022 17:11:54 (UTC+2:00)]: ---- Starting Service (18.104.22.16850) ----
[10-05-2022 17:11:54 (UTC+2:00)]: Customer ID: 12345
[10-05-2022 17:11:54 (UTC+2:00)]: Tamper protection: disabled
[10-05-2022 17:11:54 (UTC+2:00)]: macOS arm64 12.6.0 machine name: ABCDEFG machineID: d64a11d7-5332-4a68-a4f4-696a9de998dc
[10-05-2022 17:11:54 (UTC+2:00)]: (Notifier) Using network extension
[10-05-2022 17:11:55 (UTC+2:00)]: Initial routing configuration - traffic to ctc.threatpulse.com now routed through interface with address: 192.168.0.24
[10-05-2022 17:11:55 (UTC+2:00)]: Waiting for console user to log in ****** normally see MacOS logged in user info here
[10-05-2022 17:11:56 (UTC+2:00)]: Known proxies: 22.214.171.124:80(R);ep.threatpulse.net:80(N);prxcagip.zoe.gca:8080(N);
[10-05-2022 17:12:03 (UTC+2:00)]: CTC Response: ACTIVE(PRECHK) egress:126.96.36.199 GFRPA-188.8.131.52 GBEBR-184.108.40.206 GNLAM-220.127.116.11 GDEFR-18.104.22.168 ****** Neil - manually reconnected 30-40 seconds later and all worked fine.
[10-05-2022 17:12:32 (UTC+2:00)]: Manual reconnect to WSS initiated