Last night I decided to tackle the task of enabling the SonicWALL CFS service on my new TZ 500 NFR model. I had done this with my NSA 240 years ago (circa 2009) and was very impressed with the end results. Now with another 365 days of free CFS service, better use it, right?
Not using any KB articles, I was able to complete the whole thing without much difficulty. The TZ 500 paired with LDAP (unsecured) using a non-admin service account and I installed the SonicWALL SSO Agent program on the DC and configured to run as a service. I tested the functionality pretty thoroughly and wherever I logged in as my account, the SonicWALL figured it out and adjusted the CFS automatically and perfectly.
The only issue is that I could not figure out how to manually log in as a user to authenticate via AD (and get special CFS policy) on non-Windows (or domain joined) devices such as guest systems and handheld devices. Hopefully I will post about that soon.