Jump to content


Photo

LDAP user authentication issues

Web Filter 610

  • Please log in to reply
3 replies to this topic

#1 Matt in VA

Matt in VA
  • Members
  • 4 posts

Posted 18 June 2019 - 11:38 AM

  • Recently we started having issues with LDAP Authentication, so basically, it cannot identify anyone specifically.
  • We had not made changes to domain or other policies that would affect Audit Logging on domain controllers prior to this problem showing up.
  • When we checked with Barracuda staff on settings for the local security policy on one of our DC's, the audit settings were greyed out. I believe this is due to a domain policy taking precedence. Default DC policy has setting set as they require.
  • We've set Default DC policy to audit for success and failure of log in events to satisfy the requirement from Barracuda, but I am still now operating without any user details. I've tried many things and policy changes to see if it would help logging, but nothing is working.
  • Wondering if going back to the last Barracuda firmware might help. Not sure when the authentication broke, but I feel like I am chasing ghosts.
  • I've deleted LDAP Settings and rules associated and set back up. I've made sure the Clients running on the DCs are on the latest version and match both settings and version-wise.

Where do I go from here? I've done two calls with support and cannot make this work. It keeps coming back to where they say the local security audit policy must show check marks in Success and failure boxes.

 



#2 Matt in VA

Matt in VA
  • Members
  • 4 posts

Posted 18 June 2019 - 03:37 PM

I'll add to this that all of this was working fine at one time within the last month or so, so I don't know if the Barracuda updates changed something or not. 



#3 John Irwin

John Irwin
  • Barracuda Team Members
  • 52 posts

Posted 19 June 2019 - 08:34 AM

There are several things that are easier to verify with a technician, it will be best to contact support for assistance on this.

 

the top main concerns are these

1. aggregate is turned on for no reason

2. user group page is set to use LDAP for no reason for basic authentication settings. this is for remote users needs.

3. DC agents are not set properly for all settings

4. DCagents are outdated for firmware level.

5. Services hung or stale on WSG

and several others that cannot be confirmed on the GUI or fixed by a restart

 

 



#4 Matt in VA

Matt in VA
  • Members
  • 4 posts

Posted 19 June 2019 - 09:49 AM

There are several things that are easier to verify with a technician, it will be best to contact support for assistance on this.

 

the top main concerns are these

1. aggregate is turned on for no reason

2. user group page is set to use LDAP for no reason for basic authentication settings. this is for remote users needs.

3. DC agents are not set properly for all settings

4. DCagents are outdated for firmware level.

5. Services hung or stale on WSG

and several others that cannot be confirmed on the GUI or fixed by a restart

 

Thank you so much. I have a feeling several of these are possibly ruled out already, but I do feel like perhaps there is something we are all missing. 







Also tagged with one or more of these keywords: Web Filter 610