03-22-2018 07:28 PM - edited 02-21-2020 10:51 AM
I have a user in another AD domain, which we have visibility of from the ISE. The user is identified and authenticated correctly via this sub domain. When it moves to authorization the exact same domain is checked for identification and now gets an error.
Authentication passing -
24313 | Search for matching accounts at join point - ad.company.com | |
24320 | Multiple matching accounts in forest - ad.company.com |
Authorization failing -
24313 | Search for matching accounts at join point - ad.company.com | |
24317 |
LDAP search in domain failed - ad.company.com,ERROR_DOMAIN_IS_OFFLINE |
Is there any checks or logs I can find to debug this? It happens everytime I check and its checking the same domain as it authenticated against.
Thanks
Brad
Solved! Go to Solution.
07-22-2019 11:19 AM
This fix didn't work for me, I am at the most current patch and have rebooted multiple times. I found that if I disable other whitelisted domains it allows me to authenticate. However, it isn't a valid fix. I need to have the ability to authenticate to multiple domains.
07-23-2019 02:44 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide