| Description |
This article describes the scenario where a user is unable to get agentless NTLM working and sees the following error when running the run the wad debug. |
| Scope | FortiProxy v7.2. |
| Solution |
Wad debug commands:
diag wad filter src diag wad debug enable category auth diag wad debug enable level info diag debug en diag debug console timestamp enable
The snippet of output:
[I]2023-12-28 09:16:11.123777 [p:1052][s:509972419][r:16777347] wad_http_auth_status_proc :10802 ses_ctx: ses_ctx:cx|Phx|Me|Hh|C|A7|O authenticate result=pendi ng [I]2023-12-28 09:16:11.127039 [p:1052] wad_hauth_ntlm_smb_notify :175 agentless NTLM authentication sucessfully Administrator:usr_node:(nil) do main(msg3)='' [E]2023-12-28 09:16:11.130459 [p:1052] wad_group_info_auth_on_fnbam_resp :154 auth resp:0x7fff469bba70 ,auth failure auth result:9 [I]2023-12-28 09:16:11.130477 [p:1052][s:509972419][r:16777347] wad_http_auth_status_proc :10802 ses_ctx: ses_ctx:cx|Phx|Me|Hh|C|A7|O authenticate result=group -query-failed
config user ldap edit "ldap" set server "ip address" set cnid "sAMAccountName" set dn “your dn set type regular set username "" set password ENC set account-key-processing strip set account-key-filter "(&(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))" next end |
