
authentication problems

mulhollandm
Level 1

folks

i have a query which i'm hoping you can help with

i have 6 * c670s in explicit mode running secure ldap for user authentication

policy is managed by a SMA

when i run the ldap test on any of the WSAs it retrieves users and groups

i get the same result from the SMA

when i create a policy on the WSA i can list and add groups, individual users don't seem to be listed but i think that's normal

when i create a policy on the SMA i only see a limited number of groups

my problem is when i try and pass web traffic through the WSA

when i configure a browser with the c670 as the proxy i get an authentication prompt

when i input the credentials it keeps reloading the prompt and a tail authlogs shows

Auth failed: user=MYDOMAIN\1234567 (Invalid username)

if i deliberately put in an incorrect password i get


mulhollandm
Level 1

folks

i hit post too early

the deliberate password also fails but with invalid credentials

Jatin Katyal
Cisco Employee

Have you already tried the authentication without the domain name, like only with the username - 1234567?

Also, could you please paste the auth logs again in case it doesn't work. I'd also like to know if there is any hit on the LDAP server under event viewer.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin

jatin

many thanks for your reply

yes i tried as you have suggested

i think i have resolved the issue by credential encryption in the authentication settings

users now get a https warning when first trying to access a url, if they accept the certificate they get a login prompt which is getting them web access

thanks