Cisco Bug: CSCuo04787 - CX: ADI doesn't use updated join password upon reconfiguring it
Apr 06, 2016
- Cisco ASA Next-Generation Firewall Services
Known Affected Releases
100.4(0.0.6) 100.5(0.0.161) 9.2(1.2.78)
Symptom: CX will fail to use a new join password configured for an active directory (AD) realm if a previous password has already been committed. This could cause active authentication to fail with following messages in adi.log: 2014-04-01 15:33:03,966 DEBUG vdi.daemon - auth: received auth request. 2014-04-01 15:33:04,465 ERROR vdi.daemon - likewise: Join returned LW_ERROR_PASSWORD_MISMATCH 2014-04-01 15:33:04,467 ERROR vdi.daemon - ad: likewise down... restarting. 2014-04-01 15:33:07,368 ERROR vdi.daemon - likewise: Join returned LW_ERROR_PASSWORD_MISMATCH 2014-04-01 15:33:07,369 ERROR vdi.daemon - ad: join 'cxlab.com' failed. 2014-04-01 15:33:07,369 ERROR vdi.daemon - ad: auth failed, not joined to domain=cxlab.com 2014-04-01 15:33:07,369 INFO vdi.daemon - auth: failed auth request. 2014-04-01 15:33:07,369 INFO vdi.daemon - auth: sending authentication event type='7' Conditions: Join password configured first was committed and then we attempt to change the join password.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases