Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 864 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD SSO Authentication issue

Apollo13
Hi,

Lately our customer upgraded their UTM firmware to version 9.1. now their experiencing AD SSO authentication issues. When a user login on the windows ad profile and open the internet browser pop up screen prompts for authentication and when he input his credential it fails.

So we upgrade to 9.101-12 version and issue is still the same. 

Logs from HTTP proxy.


2013:06:14-12:58:28 enargite-1 httpproxy[20670]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xc52c050" function="auth_adir_auth_crap_callback" file="auth_adir.c" line="866" message="Authorization denied (NT_STATUS_NO_TRUST_SAM_ACCOUNT)"

Any advice is appreciated.


This thread was automatically locked due to age.
  • 0
    function="auth_adir_auth_crap_callback" suggests that, in 'Proxy Settings' in the clients, they are using a numeric IP address for the UTM Proxy address instead of an FQDN that resolves to that IP.

    NT_STATUS_NO_TRUST_SAM_ACCOUNT suggests that they might just need to delete the UTM from the Active Directory and then join again from WebAdmin.

    Please let us know if either works.

    Cheers - Bob
  • 0
    Simply rejoin the UTM into the domain. Restart the proxy, and you should be done ;o)