09-17-2013 01:21 PM
folks
i have a query which i'm hoping you can help with
i have 6 * c670s in explicit mode running secure ldap for user authentication
policy is managed by a SMA
when i run the ldap test on any of the WSAs it retrieves users and groups
i get the same result from the SMA
when i create a policy on the WSA i can list and add groups, individual users don't seem to be listed but i think thats normal
when i create a policy on the SMA i only see a limited number of groups
my problem is when i try and pass web traffic through the WSA
when i configure a browser with the c670 as the proxy i get an authentication prompt
when i input the credentials it keeps reloading the prompt and a tail authlogs shows
Auth failed: user=MYDOMAIN\1234567 (Invalid username)
if i deliberately put in an incorrect password i get
09-17-2013 01:25 PM
folks
i hit post too early
the dliberate password also fails but with invalid credentials
09-17-2013 06:19 PM
Have you already tried the authentication without domain name like only with username -1234567 ?
Also, could you please paste the auth logs again in case it doesn't work. I'd also like to know if there is any hit on the LDAP server under event viewer.
~BR
Jatin Katyal
**Do rate helpful posts**
09-18-2013 02:56 PM
jatin
many thanks for your reply
yes i tried as you have suggested
i think i have resolved the issue by credential encryption in the authentication settings
users now get a https warning when first trying to access a url, if they accept the certificate they get a login prompt which is getting them web access
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide