Hi folks,
Last week we had an outage and none of us could get out to Internet. We only use NTLM authentication and our AD is working. When user connect to proxy, they are blocked and would not match any policy.
Policy Match
Decryption policy: None
Routing policy: None
Identity policy: AD_AUTH
Access policy: None
Final Result
Request blocked
Details: Authentication required
Trace session complete
Then when I look at proxy_auth logs, I found some interesting. Hope someone could explain what these mean:
24/Nov/2009:09:15:13 +1100 CRITICAL : PROX_AUTH : - : creds_client_check: credentials check failed.
24/Nov/2009:09:15:13 +1100 CRITICAL : PROX_AUTH : - : rpccli_netlogon_sam_network_logon: credentials chain check failed
24/Nov/2009:09:15:15 +1100 WARNING : PROX_AUTH : - : cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON, fnum 0xc000 to machine smith.gas.com. Error was SUCCESS - 0
24/Nov/2009:09:15:16 +1100 CRITICAL : PROX_AUTH : - : creds_client_check: credentials check failed.
24/Nov/2009:09:15:16 +1100 CRITICAL : PROX_AUTH : - : rpccli_netlogon_sam_network_logon: credentials chain check failed
24/Nov/2009:09:15:23 +1100 WARNING : PROX_AUTH : - : cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON, fnum 0xc000 to machine smith.gas.com. Error was SUCCESS - 0
24/Nov/2009:09:15:24 +1100 CRITICAL : PROX_AUTH : - : creds_client_check: credentials check failed.
24/Nov/2009:09:15:24 +1100 CRITICAL : PROX_AUTH : - : rpccli_netlogon_sam_network_logon: credentials chain check failed
24/Nov/2009:09:15:26 +1100 WARNING : PROX_AUTH : - : cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON, fnum 0xc000 to machine smith.gas.com. Error was SUCCESS - 0
Thanks!