Guest

Preview Tool

Cisco Bug: CSCuj21735 - PRSM ENH Event viewer support for AD failure codes

Last Modified

May 26, 2015

Products (1)

  • Cisco ASA Next-Generation Firewall Services

Known Affected Releases

100.3(0.2.26)

Description (partial)

Symptom:
In PRSM Event viewer for failed AD authentication we have no indication what was the reason for that.
Right now we can only see that authentication has failed.

We should have the reason why it has failed. Like on ACS or ISE. Example reasons:
- user not found
- password incorrect
- account locked
- password expired
- error connecting to LDAP server
- can not get AD global catalog
- DNS resolution failed
- account blocked by the AD policy (eg. logonhours)
- Kerberos AS-REP failed
- Kerberos TGS-REP failed

Conditions:
AD authentication for all types of authentication (Basic, NTLM, Kerberos, Advanced)
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.