Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Help troubleshooting AD Auth on F5 LB

jharper52
Nimbostratus
Nimbostratus

‎21-Apr-2021 17:57

Hi All. We're trying to configure AD auth and running into major issues. The strange thing is that telnet succeeds, I've reset and confirmed the bind user's password, and have reset and confirmed the test AD user password. Any help will be much appreciated!

 

successful connection on 389 and 3269 -

 

[admin@lb1:Standby:Changes Pending] log # telnet <AD IP> 3269

Trying <AD IP>...

Connected to <AD IP>.

Escape character is '^]'.

 

[admin@lb1:Standby:Changes Pending] log # telnet <AD IP> 389

Trying <AD IP>...

Connected to <AD IP>.

Escape character is '^]'.

 

 

 

In /var/log/secure, I see -

Apr 21 19:43:37 lb1 warning httpd[8867]: [warn] [client <IP>] AUTHCACHE Error processing cookie DE71A3EB7E09C285EE804A880D473DA378684CCB - Cookie user mismatch, referer: https://<F5 IP>/tmui/login.jsp?msgcode=1&

Apr 21 19:43:37 lb1 warning httpd[8867]: [warn] [client <IP>] AUTHCACHE Error processing cookie F69E5702BC54A5517DD6CF34EFB66C09E2939501 - Cookie user mismatch, referer: https://<F5 IP>/tmui/login.jsp?msgcode=1&

Apr 21 19:43:37 lb1 warning httpd[8867]: [warn] [client <IP>] AUTHCACHE Error processing cookie ED2B8DAF7E221E2572F7094214AAB91947FE048D - Cookie user mismatch, referer: https://<F5 IP>/tmui/login.jsp?msgcode=1&

Apr 21 19:43:37 lb1 err httpd[8867]: pam_ldap: ldap_simple_bind Can't contact LDAP server

Apr 21 19:43:37 lb1 err httpd[8867]: pam_ldap: reconnecting to LDAP server...

Apr 21 19:43:37 lb1 err httpd[8867]: pam_ldap: ldap_simple_bind Can't contact LDAP server

Apr 21 19:43:37 lb1 warning httpd[8867]: pam_unix(httpd:auth): check pass; user unknown

Apr 21 19:43:37 lb1 notice httpd[8867]: pam_unix(httpd:auth): authentication failure; logname= uid=48 euid=48 tty= ruser= rhost=<IP>

Apr 21 19:43:38 lb1 err httpd[8867]: [error] [client <IP>] AUTHCACHE PAM: user 'devf5test' (fallback: false) - not authenticated: Authentication failure, referer: https://<F5 IP>/tmui/login.jsp?msgcode=1&

Apr 21 19:43:38 lb1 info httpd(pam_audit)[8867]: User=devf5test tty=(unknown) host=<IP> failed to login after 1 attempts (start="Wed Apr 21 19:43:37 2021" end="Wed Apr 21 19:43:38 2021").

Apr 21 19:43:38 lb1 info httpd(pam_audit)[8867]: 01070417:6: AUDIT - user devf5test - RAW: httpd(pam_audit): User=devf5test tty=(unknown) host=<IP> failed to login after 1 attempts (start="Wed Apr 21 19:43:37 2021" end="Wed Apr 21 19:43:38 2021").

Labels:
0 Kudos
1 REPLY 1

Daniel_Wolf
MVP
MVP

‎22-Apr-2021 02:11

Hi jharper52,

 

if you are trying AD auth, it uses port 88/Kerberos. I captured this a while back.0691T00000CnVewQAF.png 

KR

Daniel

 

Additionally, check this out for troubleshooting: K11308: Overview of the adtest tool

And verify DNS and NTP are configured and working.

0 Kudos
Copyright © 2023 Khoros, LLC