nagaraja_cs
Contributor

Not able to access native applications for AD users

Setup: Distributed

Version: R80.10 with TAKE_56

AD authentication for SSL VPN users stopped working after the AD password expiry of a non-admin user.

We were not able to see the complete AD tree; we have manually added the subdomain with the parent domain. After that, the user is able to authenticate, but not able to access native applications.

It is working for local users, and it will also work for AD users if I add "All users" in the source column of the Mobile Access policy.

But if I add specific AD users or LDAP groups, traffic is dropped by the MAB policy with a non-existent rule, which is shown in the logs.

When I check for drops with #fw ctl zdebug + drop | grep <ip>, I can see drops as per a MAB policy rule number which doesn't exist in the MAB policy.

The rule number changes randomly, but the drop rule number in the logs and the zdebug output show the same rule number.

Any suggestions on this?

0 Kudos
1 Reply
PhoneBoy
Admin

I would engage with the TAC.

0 Kudos
