Guest

Preview Tool

Cisco Bug: CSCvt39125 - AD groups missing in user group membership when centralized authentication cache used

Last Modified

Jun 05, 2020

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

12.0.1-268

Description (partial)

Symptom:
Users don't match a correct access/decryption policy or even getting blocked by default policy in specific conditions when centralized authentication cache and IP surrogates are used.

CLI -> authcache -> searchdetail shows inconsistency in Auth Groups Total number and the actual number of groups in the list.

Conditions:
1. Multiple AD groups are set in access/decryption policies
2. IP surrogates are enabled
3. Centralized authentication cache is enabled
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.