Solved: Joining in domain Authentication issues

lambay2000 · ‎10-03-2011

Hello Friends,

I get the following errors when joining WSA to domain, though the WSA is pingable and there is no firewall blocking the connection, i saw the logs and i find only this can anybody help with the issues please.

The domain controllers are listed in DNS TAB of ironport

DC are pingable from WSA.

03/Oct/2011:16:04:41 +0400 INFO : PROX_AUTH : - : NTLM CRAP authentication for user [NAC]\[DON] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 12)

03/Oct/2011:16:04:41 +0400 CRITICAL : PROX_AUTH : - : NTLMSSP BH: NT_STATUS_NO_LOGON_SERVERS

03/Oct/2011:16:04:43 +0400 INFO : PROX_AUTH : - : NTLM CRAP authentication for user [NAC]\[DON] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 12)

03/Oct/2011:16:04:43 +0400 CRITICAL : PROX_AUTH : - : NTLMSSP BH: NT_STATUS_NO_LOGON_SERVERS

03/Oct/2011:16:08:19 +0400 WARNING : PROX_AUTH : - : Could not receive trustdoms

03/Oct/2011:16:13:21 +0400 WARNING : PROX_AUTH : - : Could not receive trustdoms

03/Oct/2011:16:17:16 +0400 CRITICAL : PROX_AUTH : - : ads_connect: No logon servers

03/Oct/2011:16:17:23 +0400 CRITICAL : PROX_AUTH : - : ads_connect: No logon servers

03/Oct/2011:16:17:30 +0400 CRITICAL : PROX_AUTH : - : ads_connect: No logon servers

03/Oct/2011:16:17:37 +0400 CRITICAL : PROX_AUTH : - : ads_connect: No logon servers

03/Oct/2011:16:18:19 +0400 INFO : PROX_AUTH : - : NTLM CRAP authentication for user [NAC]\[DON] returned NT_STATUS_NO_LOGON_SERVERS (PAM: 12)

03/Oct/2011:16:18:19 +0400 CRITICAL : PROX_AUTH : - : NTLMSSP BH: NT_STATUS_NO_LOGON_SERVERS

03/Oct/2011:16:18:23 +0400 WARNING : PROX_AUTH : - : Could not receive trustdoms

Thanks

Ken Stieers · ‎10-03-2011

Try the following:

When setting up the realm, us IPs instead of names for the Active Directory Servers.

Make sure the doman name is the dns name for the domain, not netbios (e.g. "opus.corp.local", not "opus")

What does the Test report?

View solution in original post

Ken Stieers · ‎10-03-2011

Try the following:

When setting up the realm, us IPs instead of names for the Active Directory Servers.

Make sure the doman name is the dns name for the domain, not netbios (e.g. "opus.corp.local", not "opus")

What does the Test report?

lambay2000 · ‎10-03-2011

Hello Ken,

I did the same before as per ur mail but no results,

As this is a New setup i joined the WSA a MONTH before without any issues in the domain but today when it was going live it was not authenticating users while prompting for username and password,after putting proper username and password it was not accepting. So i removed from the domain and try to rejoined in the domain again ,but now i m unable to join in the domain. when it was in the domain i try to click on the test buuton and it gave me the below output.

Test Results when it was in domain:

Checking DNS resolution of WSA hostname(s)...

Success for P1 interface

Failed for M1 interface

Checking DNS resolution of Active Directory Server(s)...

Success: Resolved '128.1.3.14' address: 128.1.3.14

Success: Resolved '128.1.3.18' address: 128.1.3.18

Checking DNS resolution of AD Server(s)' full computer name(s)...

Failure: Queries to server '128.1.3.14' on port 389 failed :

Timeout while waiting for response from server

Failure: Queries to server '128.1.3.18' on port 389 failed :

Timeout while waiting for response from server

Validating configured Active Directory Domain...

Failure: Queries to server '128.1.3.14' on port 389 failed :

Timeout while waiting for response from server

Failure: Queries to server '128.1.3.18' on port 389 failed :

Timeout while waiting for response from server

When i try to telnet from the CLI of WSA to AD on port 389 it is success but joining the domain fails.

lambay2000 · ‎10-13-2011

I found the issue it was with DNS

Thanks for ur replies kein.

alexdelangel · ‎08-09-2014

Hello friends,

Please allow me to resurect this old post! I am facing the same issue, I have already configured the IP addres of my LDAP server. My logs says that it is an invalid username. Could you please help me tofigure out, which the issue is?

Regards!