Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 29 subscribers
  • Views 8368 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

STAS Logon Fails because of wrong credentials

mxull

Hi Guys,

 

SFOS 17.5.8 MR-8

STAS 2.5.0.

 

we currently have the situtation that users can not authenticate to the firewall via the STAS.

In the authentication Log via LogViewer we get the following error.


"User XXXXX failed to login to Firewall through AD authentication mechanism from 192.168.XX.XX because of wrong credentials"

All users get get displayed on the stas via live users.

Even the connection between XG and STAS is working.

I would assume a problem on the AD server, but the login works if we log in with the AD user ID on the user portal.

 

Attached is a Part of the STAS log for a failed logon.

MSG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_workerthread_wmi: logging on user '[DOMAIN]\TestUser' on '192.168.0.XX
MSG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_handle_logon_req: Request received from CR
MSG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_init_userinfo_common: CreateTime: 1570600091
MSG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_init_userinfo_common: ExpireTime: 1570600696
MSG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_init_userinfo_common: LogonType: 1
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : dca_filter_by_username
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : userdb_handle_duplicate_userinfo: select query: SELECT * FROM UserInfo WHERE wrkst_ip=='192.168.0.XX';
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : userdb_insert_userinfo: no matching userinfo found
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : userdb_insert_userinfo: UserInfo Successfully Inserted
MSG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_handle_logon_req: new userinfo added
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : list_add_tail: first element added
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : wrkstpoll_handle_logon_req: user logon request enqueued to XG Update Queue
ERROR    [0x5444] 09.10.2019 07:48:11 : USERINFO WAITING INFINITE
DEBUG    [0x5444] 09.10.2019 07:48:11 : list_remove_head: last element removed
MSG    [0x5444] 09.10.2019 07:48:11 : SSOclient_thread: got userinfo: USER: domain.com\TestUser <-> Flags: 5
DEBUG    [0x5444] 09.10.2019 07:48:11 : SSOclient_filter_CR_subnet: Entering filter function
DEBUG    [0x5444] 09.10.2019 07:48:11 : SSOclient_filter_CR_subnet: authnet not specified, send request to XG
ERROR    [0x5444] 09.10.2019 07:48:11 : SSOclient_update_CR: domain name is there with length 13 , domain.com
ERROR    [0x5444] 09.10.2019 07:48:11 : USERNAME TestUser Length 5
ERROR    [0x5444] 09.10.2019 07:48:11 : WORKSTN IP 192.168.0.XX Length 13
ERROR    [0x5444] 09.10.2019 07:48:11 : DOMAIN domain.com Length 14
ERROR    [0x5444] 09.10.2019 07:48:11 : SSOclient : PACKET SIZE 243 㐲3
DEBUG    [0x5444] 09.10.2019 07:48:11 : net_send: bytes sent: 243
DEBUG    [0x5444] 09.10.2019 07:48:11 : net_send: full packet sent
MSG    [0x5444] 09.10.2019 07:48:11 : SSOclient_thread: Logon/Logout Update sent to: 192.168.0.XX
ERROR    [0x5444] 09.10.2019 07:48:11 : GETTING (USERINFO) FROM QUEUE
DEBUG    [0x5444] 09.10.2019 07:48:11 : list_remove_head: list is Empty
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : threadpool_finishnotify: Thread ID: 0x7a3c
DEBUG    [0x7a3c] 09.10.2019 07:48:11 : threadpool_finishnotify: Reset Event

 

What else could be the cause ?

 

Kind Regards,
Max



This thread was automatically locked due to age.
Parents
  • 0

     

    Incorrect search query and domain name may create such login failed for users.


    Is Login getting failed with all domain users with same reason "wrong credential"? If yes then please confirm below details.

    Under Log Viewer when Login failed message appears, the user name contains entire name with domain or only user name.

    Example : 1) test failed due to wrong credential or 2) test@xyz.com failed due to wrong credential 

    If case 1 getting matched with your case then verify the below 

    1) XG - AD Integration settings for domain name and search queries. 



    2) Verify the domain name is correct on STAS app.



    Please try with with settings.

Reply
  • 0

     

    Incorrect search query and domain name may create such login failed for users.


    Is Login getting failed with all domain users with same reason "wrong credential"? If yes then please confirm below details.

    Under Log Viewer when Login failed message appears, the user name contains entire name with domain or only user name.

    Example : 1) test failed due to wrong credential or 2) test@xyz.com failed due to wrong credential 

    If case 1 getting matched with your case then verify the below 

    1) XG - AD Integration settings for domain name and search queries. 



    2) Verify the domain name is correct on STAS app.



    Please try with with settings.

Children
No Data