Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 42 replies
  • Subscribers 1 subscriber
  • Views 20598 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD BASE DN Problem

color_n
hello

i have problem with authenticating users over AD , they all pass my proxy filter 

2010:02:18-14:53:17 astaro httpproxy[31000]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.0.23.21" user="" statuscode="304" cached="0" profile="REF_OIKbLRYudm (AD_proxy users)" filteraction="REF_DefaultHTTPCFFBlockAction (Default content filter block action)" size="0" time="60 ms" request="0xa6cb0f00" url="googleads.g.doubleclick.net/.../test_domain.js" exceptions="av,auth,content,url,certcheck,certdate,mime,cache" error=""  

this is just an example , this is server configuration

BIND DN :
CN=Administrator,CN=Users,DC=mydomain,DC=local
BASE DN :
DC=mydomain,DC=local

do i need to create OU on AD , or just groups with users ? 

please advice how to solve this situation .

Thanks in advance


This thread was automatically locked due to age.
Parents
  • 0
    This all looks correct to me.  What does the log say in the Active Directory server when the Astaro tries to authenticate zgzad_salter1?
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    hy

    finally i have tested od domain , it did refuse to authenticate user because limitation to login only from their pc , i have disable that option, now it authentcate it self normaly , but i still dont see user on web filter log .
  • 0 in reply to color_n
    this is authentication log from web proxy:

    2010:02:25-16:33:40 astaro httpproxy[21838]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.0.0.130" user="" statuscode="200" cached="0" profile="REF_UZPbZhzkpa (Proxy1_centrala_ AD)" filteraction="REF_DefaultHTTPCFFBlockAction (Default content filter block action)" size="8632" time="52 ms" request="0xa6405768" url="www.saguaro.hr/.../roundrect50567593.gif" exceptions="av,auth,content,url,certcheck,certdate,mime,cache" error=""
  • 0 in reply to color_n
    this is authentication log from web proxy:

    2010:02:25-16:33:40 astaro httpproxy[21838]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.0.0.130" user="" statuscode="200" cached="0" profile="REF_UZPbZhzkpa (Proxy1_centrala_ AD)" filteraction="REF_DefaultHTTPCFFBlockAction (Default content filter block action)" size="8632" time="52 ms" request="0xa6405768" url="http://www.saguaro.hr/images/roundrect50567593.gif" exceptions="av,auth,content,url,certcheck,certdate,mime,cache" error=""


    please try for a site that is not in the exception
  • 0 in reply to techuser
    well that is the problem , that site is not in the exception list , i dont know why is it appearing as it is .
Reply Children