Solutions

Auth Connector shows green, but all users are showing up as unauthenticated.

Solutions ID:    KB5105
Version:    3.0
Status:    Published
Published date:    05/04/2012
Updated:    06/20/2013
 

Problem Description

The Auth Connector connection status is green, but all users are showing up as unauthenticated.

The ThreatPulse (cloud) Auth Connector connection status is green (good) and connected in the Portal, but all users display as "Unauthenticated" users.

On the Windows server running the Auth Connector, the following SSL error (triggered by the Auth Connector) was seen in the Windows application event log: 

"The certificate chain was issued by an authority that is not trusted."

 

After running this command: 

netstat –an | find "443"

There were multiple connections to 199.116.173.xxx:443 in TIME_WAIT status.

NOTE: This IP address is one of the portal IP addresses, similar to those described in KB4583

After enabling debug logging for BCCA Auth Connector agent, it was seen that the connection to auth.threatpulse.com was successful (in the BCCA debug log), but the connection to the cloud service (IP similar to: 199.116.173.xxx) was failing with the above certificate error.

 

 

Resolution

To resolve the issue, enter the IP address in the SSL error in a Web browser on the Windows server that is running the Auth Connector. For example:

https://199.116.173.xxx

The full certificate chain is viewed and the intermediate CA certificate is saved to a local file.

Launch Start->Run "mmc" and the Certificates snap-in for the local computer account is added.

The intermediate CA certificate is imported into the Intermediate CA store, and the BCCA agent is restarted.

At this point, all users get authenticated.

 


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question