Security

Reply
New Contributor
Posts: 4
Registered: ‎12-15-2014

CPPM - Onboard - Preauth with AD. Authentication error

Hello, 

It seems that there is a problem with the web authentication for onboard when using Active Directory. 

If I enter my credential in the web portal I get a username / password invalid. But when looking at  CPPM, I got the following error :

 

Error Code:
105
Error Category:
Internal error
Error Message:
Internal error in performing authentication
Alerts for this Request
WebAuthService Value for param Authentication:Username not found

 

When I look at the logs, I got this error :

2014-12-15 12:28:21,855 [ajp-apr-8009-exec-1] R:W00000001-01-548f1a35] ERROR com.avenda.tips.dataaccess.ldap.LdapAuthenSession - Failed to authenticate user=bellwifi @ AD Hopital(10.1.1.98)
2014-12-15 12:28:21,857 [ajp-apr-8009-exec-1] R:W00000001-01-548f1a35] WARN com.avenda.tips.webauthservice.AuthenHandler - Authentication failed @ AD Hospital
2014-12-15 12:28:21,858 [ajp-apr-8009-exec-1] R:W00000001-01-548f1a35] ERROR com.avenda.tips.webauthservice.WebAuthHandler - Failed to perform webauth, reason=InternalErrorInAuthentication

 

The connection with my AD is working properly because I can authenticate using PEAP-MSCHAPv2 and it works.

 

I have install the patch#3 thinking I will maybe resolve this bug but with no luck...

I have restarted the server and it is still not working.

 

MVP
Posts: 505
Registered: ‎05-11-2011

Re: CPPM - Onboard - Preauth with AD. Authentication error

I don't think there is a bug in there cause I'm running onboard with AD authentication without any problem using Patch#3 for 6.4. Fastest way to solve this would be to open a TAC case.

 

A few things to try..

* Did you use the Wizard for implementing the Onboard services? Verify that those are triggered, and you have added AD is an auth source on the Onboard Pre-Auth and Onboard Provisioning service.

* Does this procedure work with guest accounts? Try registering one and see how it goes when logging in with that.

* Create a normal web-login and see if you can successfully authenticate with an AD account.

 

Check that the service involved for onboarding is similar to where you have successfull authentication when it comes to auth type and auth source.

 

That could narrow it down to either problems with the form, or perhaps the services involved.

 


Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
New Contributor
Posts: 4
Registered: ‎12-15-2014

Re: CPPM - Onboard - Preauth with AD. Authentication error

Hello John,

 

I would propably have to open a ticket with the TAC.

 

Yes the onboard services has been created using the wizard. I have added the AD authentication source to both services and I tried to use a guest account to log in and it worked. It really seems to not communicate with the AD at all but I know that my AD is properly configured because I can use it for authenticating user using PEAP.

 

I have added some picture showing the error logs.

MVP
Posts: 505
Registered: ‎05-11-2011

Re: CPPM - Onboard - Preauth with AD. Authentication error

I assume you've also tried with a client connected on wifi?

 

Try TAC - they are quick to respond ;)


Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
MVP
Posts: 4,168
Registered: ‎07-20-2011

Re: CPPM - Onboard - Preauth with AD. Authentication error

What version of CPPM are you running ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
New Contributor
Posts: 4
Registered: ‎12-15-2014

Re: CPPM - Onboard - Preauth with AD. Authentication error

I am running 6.4.3.69023

Patches 1, 2 and 3 are installed and applied.

New Contributor
Posts: 4
Registered: ‎12-15-2014

Re: CPPM - Onboard - Preauth with AD. Authentication error

Finally, I have found the problem. It was a space character in the filter query of the AD connection.

Search Airheads
Showing results for 
Search instead for 
Did you mean: