When Fortinet SSO Agent is installed on a DC and running in "DC Agent" mode instead of Polling mode, AuthLite cannot work. Whichever product was most recently installed (or repaired) will function, and the other will not.

Windows provides only one "Auth0" registry hook under HKLM\System\CurrentControlSet\Control\Lsa . AuthLite absolutely requires this to function, but Fortinet can be run in Polling mode instead.  Therefore:

  • Remove DC Agent
  • Uninstall AuthLite MSI on the DC (you can SKIP this reboot)
  • Install AuthLite MSI again to set the hook properly
  • Now reboot the DC