This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

End-User-Portal Logon Problems AD Backend

Hi.
We do use Astaro version 7.104 with AD Backend Auth. We create users in the windows domain and then logon through the portal. With 4 of 5 users the logon is successfully, but one user gets an error:

"Authentication failes for user "

The only resolution ist to delete the user in AD and to recreate. But that is a very poor solution for us because of loosing SID ID (e.g. Exchange Mailbox).

We already tested rebooting middleware, restarting aua, restarting complete box, set new password in windows, disabling / enabling the user in AD ... no success.

One thing we noticed: The very first login on portal after creating the user in AD ist successful. Then we put the user in a Astaro Group which is granted for VPN access. 4 users can logon after that, (the first?) one user not...

Any ideas? Seems to be a bug.

Bye Thomas

This thread was automatically locked due to age.

Parents

0 jjohnston62 over 17 years ago

Did you re-join the domain after you upgraded to 7.1 on the Astaro side? If so, or if this doesn't apply, I'd probably open something with your reseller or support.
Cancel
Vote Up 0 Vote Down

Cancel
0 ibeheer over 17 years ago in reply to jjohnston62

do you use http proxy with ad ....... then test if the user works...
if so perhaps you didn't add to user to the user portal...
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 ibeheer over 17 years ago in reply to jjohnston62

do you use http proxy with ad ....... then test if the user works...
if so perhaps you didn't add to user to the user portal...
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 phpp over 17 years ago in reply to ibeheer

I think I know your problem.

ASG 7.1, join domain OK. But authen in End-user Portal fail

One way to fix it.

Make a user group in astaro like that:
Name: "All Users in AD",
Group membership: back end AD
Limit group membership: No

Re login to End-user portal for all user in AD. The login ok.

I think that problem is in 7.1x only.

7.0x don't have that.

Astaro, Please fix it.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 Buck76 over 17 years ago in reply to phpp

Hi @ all.

Thank you for the replies. Currently we solved the problem! In order of some security settings we set the AD user object to "log on" only to "his" servers. So, when authenticating by portal or VPN, astaro asks the domain controller with the credentials of the user... BANG!

Solution: Adding the domain controllers or logon servers to the list of allowed servers.

Bye Thomas
Cancel
Vote Up 0 Vote Down

Cancel