Hi,
We are using AWG 7.510, and implemented SSO-AD authentication against our win2003 AD domain. This works fine with Winxp and Win 2003 clients.
We are now deploying first Windows 7 ou Win 2008 clients, and we are facing a very weird problem:
On some websites, SSO authentication fails, locks the user account, and a popup is presented to the user. ( our password policy locks the account after 5 attempts)
I insist on the fact that the account is locked BEFORE the popup is presented and the user tries to login.
On the logs i can see:
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xae2d2ca0] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_WRONG_PASSWORD)
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xa927bbf8] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_WRONG_PASSWORD)
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xad82fe48] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_WRONG_PASSWORD)
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xa6874f78] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_WRONG_PASSWORD)
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xb1667b68] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_WRONG_PASSWORD)
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xa4c80508] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_ACCOUNT_LOCKED_OUT)
2012:02:09-13:47:13 AWG01 httpproxy[4569]: [0xa78ac670] auth_adir_auth_crap_callback (auth_adir.c:875) Authorization denied (NT_STATUS_ACCOUNT_LOCKED_OUT)
The problem can be reproduced from any Win7 or Win2008 client, IE or firefox (didn't test other browsers), by going on this page for example :
https://www-304.ibm.com/support/docview.wss?uid=swg27017522
before the complete loading of the page, the account will be locked and an auth pop-up will show.
Thanks for any help.
This thread was automatically locked due to age.
