This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM v9.510-5 some users failing to authenticate so subject to default rule

Hi,


We have 4 UTMs currently to serve different geographic locations, all are in HA pairs (Active/Passive).  All are working fine except one where some users are unable to authenticate through it.


We are using AD SSO

We have standard users who are seemingly just not authenticated and one of my Team is unable to access the WebAdmin console of the same UTM.


The webadmin log shows the following for the affected users 'user="" group="" ad_domain=""' so my interpretation is that its failed to authenticated them and they are subjetc to the default rule.?

The Admin staff who is failing to access the WebAdmin console generates the following in the 'User Authentication Daemon' log:

aua[23013]: id="3006" severity="info" sys="System" sub="auth" name="Unknown user %username removed%"

aua[23013]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="IP address" host="" user="%username removed%" caller="webadmin" reason="DENIED"


Through any of the other proxies they are fine.

I have done the following:

1. Flushed the Auth cache.
2. Brought the problematic UTM up to the latest firmware. Rebooted of course.
2. Dropped it from the domain and rejoined it.

3. Compared and contrasted the config with other UTMs.

 

Can anyone point me in the right direction for troubleshooting this sort of issue before i get support involved?

 

Cheers

 

Geoff



This thread was automatically locked due to age.
Parents Reply
  • Hi Balfson,

    We have AD SSO configured and it is working fine for the vast majority of people.  Its only a few people who are having issues.

    All our UTMs are configured the same and the affected users work through the other ones but not this one which is geographically local to them and set via GPO.

     

    Geoff

Children
No Data