Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 617 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Import Group Wizard hangs

TrupiD

Hi,

there is already discussion from 4 years ago (+) Import Group Wizard hangs at "Select AD groups to import" - Discussions - Sophos Firewall - Sophos Community that got solved.

I have this exact problem also today on an XG 230 Appliance that is running on SFOS 19.5.0 GA-Build197. Connection to my AD Server ist working properly with LDAPS (I have tested this connection and appliance says it is working properly). My AD Server is Windows Server 2016 with recent Windows Updates.

-It just hangs on this part

Steps that I have tried for this problem:

-Tried to narrow DN search query with cn

- Using another browser (solution from Article 4 years ago) - I am using Edge as primary browser but i have tried to do group import with Firefox

- Like i said i checked the LDAPS connection

- Updated Appliance Firmware from 19.0 to 19.5

-Checked csc.log and got folowing messages:

)MESSAGE   Feb 15 08:10:11Z  [worker:8899]: {"request":{"method":"opcode","name":"apiInterface","version":"1.0","type":"json","length":473,"data":{"___serverport":4444,"servertype":"1","test":"update","___component":"GUI","txtBaseDn":"dc=--,dc=local","serverid":"2","transactionid":"176923","mode":406,"currentlyloggedinuserid":825,"port":"636","APIVersion":"1905.1","___serverprotocol":"HTTP","servername":"--","serverip":"--","isdefault":"0","___username":"--","___meta":{"sessionType":1},"___serverip":"--","currentlyloggedinuserip":"--","adminusername":"--"}}}
MESSAGE   Feb 15 08:10:11Z  [worker:8897]: {"request":{"method":"opcode","name":"import_group","version":"1.6","type":"json","length":555,"data":{ "APIVersion": "1905.1", "serverip": "--", "isdefault": "0", "transactionid": "176923", "test": "update", "___cmenabled": 0, "___meta": { "sessionType": 1 }, "servertype": "1", "___serverport": 4444, "currentlyloggedinuserip": "--", "port": "636", "currentlyloggedinuserid": 825, "mode": 406, "adminusername": "--", "___username": "--", "txtBaseDn": "dc=--,dc=local", "serverid": "2", "servername": "--", "___serverprotocol": "HTTP", "___cmrequest": 0, "___serverip": "--", "___component": "GUI" }}}

 PAckage ::::identity::importgroupsDEBUG     Feb 15 08:10:11Z  [worker:8899] sync_entity: req: opcode method  0
DEBUG     Feb 15 08:10:11Z  [worker:8899] sync_entity: req: opcode name  apiInterface
DEBUG     Feb 15 08:10:11Z  [worker:8899] sync_entity: req: opcode cont_length  473
DEBUG     Feb 15 08:10:11Z  [worker:8899] sync_entity: req: opcode status_code  0
DEBUG     Feb 15 08:10:11Z  [worker:8899] sync_entity: req: opcode status_str_len  0
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: rmsync.c:467:sync_opcode:apiInterface:read len 70 clen 525 rlen 1024
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: rmsync.c:494:sync_opcode:apiInterface:len 70 infolen 54
ERROR     Feb 15 08:10:12Z  [worker:8899] sync_entity: rmsync.c:520:sync_opcode:apiInterface: write opcode data 54
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: rmsync.c:541:sync_opcode:apiInterface: infolen 54 blen 54 reply:
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: res: opcode method  0
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: res: opcode name  apiInterface
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: res: opcode cont_length  0
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: res: opcode status_code  200
DEBUG     Feb 15 08:10:12Z  [worker:8899] sync_entity: res: opcode status_str_len  2
MESSAGE   Feb 15 08:10:19Z  [worker:8923]: {"request":{"method":"opcode","name":"readobject","version":"1.2","type":"json","length":99,"data":{"filter":[["type","=",["red_firewall_client","red_firewall_client_legacy"]]],"Entity":"reddevice"}}}
########## Package: red::reddevice
**********  reddevice Read through ORM
**********  objEntityDef: HASH(0xb3da020)

Readobject returning from function prepareOperationQuery,tempTypeQuery=type in (?,?)
Readobject returning from function QueryFromCusArr filterquery=select deviceid from tblreddevice where  type in (?,?)

Readobject returning from function prepareTypeFilterQuery,filterquery=select deviceid from tblreddevice where  type in (?,?)

Readobject Executing PREPSTMT Query=select deviceid from tblreddevice where  type in (?,?)

I put "--" in the fields that are sensitive, but these fields have correct data



This thread was automatically locked due to age.
Parents
  • +1

    How many groups do you want to import? Because in fact, you could simply create them manually and they will interact with AD Integration the same way like import. The Import simply gets the "meta data" of the group (like name). So you could create them manually as well, if you want to import only 2 groups for example. 

    __________________________________________________________________________________________________________________

Reply
  • +1

    How many groups do you want to import? Because in fact, you could simply create them manually and they will interact with AD Integration the same way like import. The Import simply gets the "meta data" of the group (like name). So you could create them manually as well, if you want to import only 2 groups for example. 

    __________________________________________________________________________________________________________________

Children
  • 0 in reply to LuCar Toni

    Thanks. It was just one group that I wanted to import. This worked. I created this group with the same name as in local AD in Sophos and after one user from group authenticated himself with this group it immediately worked and User was in this group. Thanks.

Unfiltered HTML