Virtual Secure Web Gateway

  • 1.  LDAP Error and invisible user names!

    Posted Nov 08, 2010 06:41 AM

    hello,

    I have a weird problem just like everybody else in this forum :)

    my gateway's LDAP authentication tests have been failing recently. I have tried to change the user credentials that I use for LDAP authentication but it did not work. I have also tried to reinstall the DC interface software, it did not work either.

    a strange thing happened after I added a new user to one of my rules. basically the user is invisible! the rule works but of course there is no user name you can follow in the reports.

    for a clearer view you can see the following screenshot below.

    what must I do now?


  • 2.  RE: LDAP Error and invisible user names!

    Broadcom Employee
    Posted Nov 09, 2010 01:51 PM

    You will need to get the LDAP authentication working. What is the error you get when you try to test the authentication?



  • 3.  RE: LDAP Error and invisible user names!

    Posted Nov 10, 2010 05:05 AM

    hi,

    this is the error message I get:

    ! An LDAP error was encountered: We're sorry, but your LDAP credentials cannot be validated at this time. Error code 8.



  • 4.  RE: LDAP Error and invisible user names!

    Posted Nov 22, 2010 04:13 AM

    OK here is the thing:

    It looks like everything is correct. I have DC Interface software installed on my DCs, I have a dedicated user for LDAP authentication, all parameters are entered correctly. but still I cannot pass the credential test.

    Plus I have invisible user names in the policy page.

    surely there must be a solution.



  • 5.  RE: LDAP Error and invisible user names!

    Posted Nov 22, 2010 09:31 AM

    Perhaps try to log in to a workstation with the dedicated LDAP account you have created for authentication to see if your DC allows it to log on.

    You could also try using the administrator account in the LDAP settings on the SWG as a test as well.



  • 6.  RE: LDAP Error and invisible user names!

    Posted Nov 23, 2010 05:06 AM

    hi,

    I've already tried both of those. I can log on with the dedicated swg account and I cannot pass the test with the admin account.

    I also tried to reboot the appliance (you know it's a solution for everything just like a nice cup of tea) but nothing changed.

    next idea?



  • 7.  RE: LDAP Error and invisible user names!

    Posted Nov 29, 2010 03:33 AM

    a new domain controller, a new dc interface installation and no changes at all. the error log is below:

    path: C:\dcinterface_4_5_4\dcinterface.txt
    11/29/2010   10:14:49     10.90.34.13 assigned stunnel port: 35081

    11/29/2010   10:14:49     hosts defined: 1
    11/29/2010   10:14:52     stunnel conf path: C:\dcinterface_4_5_4\stunnel.conf
    11/29/2010   10:14:52     Secure Tunnel start: "start C:\"dcinterface_4_5_4"\stunnel"

    11/29/2010   10:14:52     Recovery from 4 Hrs
    11/29/2010   10:14:53     admininstrator cutoff reached, event recovery complete.
    11/29/2010   10:14:53     Service started.



  • 8.  RE: LDAP Error and invisible user names!

    Posted Nov 29, 2010 03:48 AM

    hi,

    there is also another error message in another DC's log:


    Failed to send data to host 10.90.34.13 error: 0

    Service started

    Error 12002 has occured while getting time stamp from 10.90.34.13

    Error 183 has occured.