Description |
This article describes the scenario where a user is unable to get agentless NTLM working and sees the following error when running the run the wad debug. |
Scope | FortiProxy v7.2. |
Solution |
Wad debug commands:
diag wad filter src diag wad debug enable category auth diag wad debug enable level info diag debug en diag debug console timestamp enable
The snippet of output:
[I]2023-12-28 09:16:11.123777 [p:1052][s:509972419][r:16777347] wad_http_auth_status_proc :10802 ses_ctx: ses_ctx:cx|Phx|Me|Hh|C|A7|O authenticate result=pendi ng [I]2023-12-28 09:16:11.127039 [p:1052] wad_hauth_ntlm_smb_notify :175 agentless NTLM authentication sucessfully Administrator:usr_node:(nil) do main(msg3)='' [E]2023-12-28 09:16:11.130459 [p:1052] wad_group_info_auth_on_fnbam_resp :154 auth resp:0x7fff469bba70 ,auth failure auth result:9 [I]2023-12-28 09:16:11.130477 [p:1052][s:509972419][r:16777347] wad_http_auth_status_proc :10802 ses_ctx: ses_ctx:cx|Phx|Me|Hh|C|A7|O authenticate result=group -query-failed
config user ldap edit "ldap" set server "ip address" set cnid "sAMAccountName" set dn “your dn set type regular set username "" set password ENC set account-key-processing strip set account-key-filter "(&(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))" next end |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.