
LDAP Authentication fails for AD users with logon restrictions

exedraoldenburg
Level 1

Hello,

Some of our Active Directory users are configured to only log on to a limited number of machines.

IronPort authentication (LDAP based, group authorization) fails for these users. (Invalid Credentials)

When I add the IronPort (hostname, IP address, FQDN) to the list of allowed machines in the AD, this doesn't help.

Log files on the IronPort didn't give any more hints.

Thank you for your feedback.

Lucas

1 Reply

jahasan
Cisco Employee

When the IronPort queries the AD using LDAP it only checks whether the given user has valid credentials and which group the user belongs to, so that the relevant group policy can be applied.

If the logs did not help, then I would recommend running a packet capture on the IronPort for a working login and the non-working login and see what the differences are in the login procedure.
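
When comparing the two captures suggested above, the field that usually differs is the diagnostic message in the LDAP bind response: Active Directory appends a hexadecimal Win32 logon error after `data`, which separates a bad password from an account restriction even though both arrive as resultCode 49 (invalidCredentials). The following is an added example, not part of the original thread or any Cisco tooling; the function names, DNs and diagnostic strings (including the zeroed DSID and version fields) are constructed for illustration.

```python
import re

# Win32 logon error codes that AD places (in hex) after "data" in the
# diagnostic message of a failed LDAP bind (resultCode 49).
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials (bad password)",
    0x530: "not permitted to log on at this time",
    0x531: "not permitted to log on at this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}

_DATA = re.compile(r"AcceptSecurityContext error, data ([0-9a-fA-F]+)")

def explain_bind_failure(diagnostic_message):
    """Return (subcode, meaning) for an AD bind diagnostic message, or None."""
    m = _DATA.search(diagnostic_message)
    if m is None:
        return None
    code = int(m.group(1), 16)
    return code, AD_BIND_SUBCODES.get(code, "unrecognised sub-code")

def summarize(bind_responses):
    """Map each bind DN to 'success' or the decoded failure reason."""
    report = {}
    for dn, result_code, diag in bind_responses:
        if result_code == 0:
            report[dn] = "success"
            continue
        decoded = explain_bind_failure(diag)
        if decoded is None:
            report[dn] = f"resultCode {result_code}, no AD sub-code"
        else:
            report[dn] = f"resultCode {result_code}, data {decoded[0]:x}: {decoded[1]}"
    return report

# Constructed sample: (bind DN, resultCode, diagnosticMessage) as read from
# the bindResponse packets of a working and two failing logins.
SAMPLE = [
    ("CN=Working User,DC=example,DC=test", 0, ""),
    ("CN=Restricted User,DC=example,DC=test", 49,
     "80090308: LdapErr: DSID-00000000, comment: AcceptSecurityContext error, data 531, v0000"),
    ("CN=Typo User,DC=example,DC=test", 49,
     "80090308: LdapErr: DSID-00000000, comment: AcceptSecurityContext error, data 52e, v0000"),
]
```

Calling `summarize(SAMPLE)` returns one line of explanation per bind DN, so a restricted account (data 531) is not mistaken for a mistyped password (data 52e).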