
AD BASE DN Problem

Hello,

I have a problem with authenticating users over AD: they all pass my proxy filter.

2010:02:18-14:53:17 astaro httpproxy[31000]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.0.23.21" user="" statuscode="304" cached="0" profile="REF_OIKbLRYudm (AD_proxy users)" filteraction="REF_DefaultHTTPCFFBlockAction (Default content filter block action)" size="0" time="60 ms" request="0xa6cb0f00" url="googleads.g.doubleclick.net/.../test_domain.js" exceptions="av,auth,content,url,certcheck,certdate,mime,cache" error=""  

This is just an example. This is the server configuration:

BIND DN :
CN=Administrator,CN=Users,DC=mydomain,DC=local
BASE DN :
DC=mydomain,DC=local

Do I need to create an OU on AD, or just groups with users?

Please advise how to solve this situation.

Thanks in advance


  • I think techuser means to check your AD server to be sure that the user at IP="10.0.0.137" is a member of the Proxy1 AD group.  If that IP is in "Internal (Network)" but not in "lan_mreza_A_klasa" then that would be the cause of your problem.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I mean check if this user belongs to the group that is defined in the filter assignment called "Proxy1 AD", because even if the IP address of the PC is in the "lan_mreza_A_klasa" and the user is not in any group, such an error will appear.
  • Hi everyone,

    I have tried everything but the problem is the same. That user is in the group Proxy1 on the domain, but when I try to check it, it gives me an error (see picture).
    I have checked the network setting LAN_A_mreza (it's a class subnet) but the problem is the same. This is the user auth log:

    2010:02:22-16:46:15 astaro aua[30444]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="10.0.0.232" user="bpetak" caller="webadmin" engine="local"
    2010:02:22-16:57:18 astaro aua[30746]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="0.0.0.0" user="jmartinac" caller="pptp" engine="local"
    2010:02:22-16:57:26 astaro aua[30768]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="10.0.0.232" user="bpetak" caller="webadmin" engine="local"
    2010:02:22-19:42:12 astaro aua[4203]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="0.0.0.0" user="saguaro" caller="pptp" engine="local"
    2010:02:22-19:42:32 astaro aua[4229]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="10.242.1.2" user="admin" caller="webadmin" engine="local"
    2010:02:22-19:44:26 astaro aua[4291]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test"
    2010:02:22-19:44:26 astaro aua[4291]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test request: m:adirectory, f:none, u:zgzad_salter1, ip:"
    2010:02:22-19:44:26 astaro aua[4291]: id="3006" severity="info" sys="System" sub="auth" name="Testing method adirectory"
    2010:02:22-19:44:26 astaro aua[4291]: id="3006" severity="info" sys="System" sub="auth" name="Trying 10.0.0.240 (adirectory)"
    2010:02:22-19:44:26 astaro aua[4291]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test failed: User could not be authenticated" 

    How is it that the user isn't recognised?
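
The two log excerpts in this thread can be triaged mechanically. The following is an added example, not part of any post above and not Astaro/Sophos code: it parses the `key="value"` log layout and reports proxy requests that passed with an empty `user` as well as failed `aua` authentication tests. The sample lines are constructed (the user `jdoe` and the address `10.0.23.22` are made up), and reading `auth` in the `exceptions` field as "authentication was skipped for this request" is an assumption about the log format.

```python
import re

# Constructed sample lines in the key="value" layout of the logs quoted above.
SAMPLE = [
    '2010:02:18-14:53:17 astaro httpproxy[31000]: id="0001" severity="info" '
    'sub="http" name="http access" action="pass" srcip="10.0.23.21" user="" '
    'statuscode="304" exceptions="av,auth,content,url" error=""',
    '2010:02:18-14:53:19 astaro httpproxy[31000]: id="0001" severity="info" '
    'sub="http" name="http access" action="pass" srcip="10.0.23.22" '
    'user="jdoe" statuscode="200" exceptions="" error=""',
    '2010:02:22-19:44:26 astaro aua[4291]: id="3006" severity="info" sub="auth" '
    'name="Authentication test failed: User could not be authenticated"',
]

HEADER = re.compile(r'^(\S+) (\S+) ([\w-]+)\[(\d+)\]: (.*)$')
PAIR = re.compile(r'(\w+)="([^"]*)"')

def parse(line):
    """Split one log line into its header fields and key="value" pairs."""
    m = HEADER.match(line.strip())
    if m is None:
        return None
    ts, host, proc, pid, rest = m.groups()
    rec = {"timestamp": ts, "host": host, "process": proc, "pid": int(pid)}
    rec.update(PAIR.findall(rest))
    return rec

def triage(lines):
    """Return (srcip, finding, detail) for passes without a user and auth failures."""
    findings = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        if (rec["process"] == "httpproxy" and rec.get("action") == "pass"
                and rec.get("user") == ""):
            # Assumption: "auth" listed in exceptions= means an exception
            # rule skipped authentication for this request.
            skipped = "auth" in rec.get("exceptions", "").split(",")
            detail = "auth exception matched" if skipped else "no auth exception"
            findings.append((rec.get("srcip", ""), "unauthenticated pass", detail))
        elif rec["process"] == "aua" and "failed" in rec.get("name", ""):
            findings.append((rec.get("srcip", ""), "auth failure", rec["name"]))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```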