Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 3251 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Active Directory Single-Sign-On (SSO)

troyr
When trying to join an active directory domain on a Windows Server 2008 R2 domain controller the Astaro Security Gateway fails with a "Joing the domain failed." message.


This thread was automatically locked due to age.
  • 0
    Hi, Troy, and welcome to the User BB!

    You didn't mention the version of Astaro.  There are several possibilities, so you might find what you want with a google:
    site:astaro.org 2008 r2 sso join failed "7.5"
    or
    site:astaro.org 2008 r2 sso join failed "8.0"

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    I am running release 8.002 and have tried the suggestions in previous postings with no luck. 

    I have removed the AD servers from the servers tab (Which worked just fine) rebooted the gateway and tried to join the domain with and without specifig a server in the server field. All with no success.
  • 0
    There are some other hints in: HTTP/S Proxy Access with AD-SSO (Caution, the section "Configure User Authentication" should be eliminated as it has no effect on AD-SSO and can cause problems in larger organizations).

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Still didn't work.

    The following message is thrown in the Fallback Messages log when I attempt to join the domain.

    2010:11:09-14:27:58 ASG [daemon:err] net: [2010/11/09 14:27:58.140704, 0] libads/sasl.c:820(ads_sasl_spnego_bind)
    2010:11:09-14:27:58 ASG [daemon:err] net: kinit succeeded but ads_sasl_spnego_krb5_bind failed: Strong(er) authentication required
  • 0 in reply to troyr
    Version 8.100 (in beta) resolves this issue, AFAIK.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Cookie Information Banner