Guest

Preview Tool

Cisco Bug: CSCvh91452 - WSA doesn't failover to backup AD servers if it cannot obtain netbios name from primary AD server

Last Modified

Feb 13, 2018

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

10.1.1-235

Description (partial)

Symptom:
WSA authentication fails  doesn't failover to backup AD servers if it cannot obtain netbios name from primary AD server due to permission error

*WSA will failover to backup AD server if it no longer has network connectivity to primary AD server

Conditions:
-Authentication enabled

-Multiple AD servers configured 

-WSA has network connectivity to primary AD server, but no longer has privileges to authenticate users

-AD server removes permissions for WSA account causing below errors ----

15 Jan 2018 11:01:44 (GMT -0500) Warning: PROX_AUTH : 5319800 : [CORP.PETER-CISCO.COM]could not obtain winbind domain name!
15 Jan 2018 11:01:44 (GMT -0500) Critical: PROX_AUTH : 5319800 : [CORP.PETER-CISCO.COM]could not obtain winbind netbios name!
15 Jan 2018 11:01:44 (GMT -0500) Warning: PROX_AUTH : 5319801 : [CORP.PETER-CISCO.COM]could not obtain winbind domain name!
15 Jan 2018 11:01:44 (GMT -0500) Critical: PROX_AUTH : 5319801 : [CORP.PETER-CISCO.COM]could not obtain winbind netbios name!
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.