Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 2 subscribers
  • Views 2833 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

8.303 Upgrade lost AD auth

Bryan_01
Hi,

Just done an update to 8.303 and lost AD authing for everything.

Http.log shows file="auth_adir.c" line="299" message="write: Connection refused" thus the request is blocked.

Input username and password for domain membership again, but comes back and says not connected to any domain. Rebooted, try again, the same.

Any pointers guys?

Rolling back changes now....

EDIT: Rolling back config not worked. Restoring VM now :-(


This thread was automatically locked due to age.
Parents
  • 0
    I know that up2dating from 8.103 to 8.300 broke AD authentication for a few of my customers, due to changes in how the ASG "talks" to the DC(s)... perhaps you updated from a much older version to 8.303?  If not, maybe it's another major change (I did note a new Samba package was included in 8.303, different from 8.3xx preceeding it).  You may just need to rejoin the system to the domain.  This means deleting the old computer account that was created for the ASG from AD, and waiting for that change to replicate to all DCs (if you have more than one) -- you can force this using various tools if needed --- then rejoining the domain.  Make sure you have a static DNS record in your Windows DNS that matches the hostname you have defined for the ASG, and the hostname should be a FQDN that matches your AD configuration.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0
    I know that up2dating from 8.103 to 8.300 broke AD authentication for a few of my customers, due to changes in how the ASG "talks" to the DC(s)... perhaps you updated from a much older version to 8.303?  If not, maybe it's another major change (I did note a new Samba package was included in 8.303, different from 8.3xx preceeding it).  You may just need to rejoin the system to the domain.  This means deleting the old computer account that was created for the ASG from AD, and waiting for that change to replicate to all DCs (if you have more than one) -- you can force this using various tools if needed --- then rejoining the domain.  Make sure you have a static DNS record in your Windows DNS that matches the hostname you have defined for the ASG, and the hostname should be a FQDN that matches your AD configuration.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
  • 0 in reply to BrucekConvergent
    We had similar issues after upgrading from 8.302 to 8.303. We upgraded five appliances and most of them had to be rejoined to the domain. Our users still see "authentication failed" messages sometimes.

    We have at least two Win7 users who still get "authentication failed" unless we point their browser to the IP address of the ASG instead of the DNS name.
Cookie Information Banner