DCO 8.2.12 - Active Directory authentication is not working after upgrade

Hi Mate,

Can you please provide the following data:

server logs from 8.2.12 server

the 8.2.2 backup file, that you've used to restore on 8.2.12

You've mentioned "There is one expired certificate in the store but I cannot delete it." Can you please added some description/screen captures illustrating the issue.

Concerning the Authentication server settings error, when do you see the error? when you are entering/typing data in certain filed? 

You've mentioned that you have "restarted the operation service",  how? and wondering why it needed to be restarted?

Have you tried to reboot the server? and did it help?

I will send you an invite to my =S= box folder soon, so the data can safely be shared with me, thanks.

Kind regards

(CID:137106779)

Hi Jef,

I uploaded couple of log, backup and screenshot files. I started upgrade on 01/12/2018, so I used "Daily_2018-12-01_02.30.tar.gz" to import into 8.2.12.

Concerning the Authentication server settings error, when do you see the error? when you are entering/typing data in certain filed? 

When I try to save the auth server settings.

You've mentioned that you have "restarted the operation service",  how? and wondering why it needed to be restarted?

In Webmin at StruxureWare DC Operation > Setup I just inserted internal NTP servers which required service restart.

Have you tried to reboot the server? and did it help?

Yes, couple of times, did not resolve the issue.

Right now the situation is that AD auth is working but without SSL. However I get quite frequently errors so I would say it is unstable:

Unable to authenticate. The client will restart.

Your permission have changed. The application will restart in order for the changes to take affect.

From the other hand I guess something broken in the certificate store. When I would like to see and click on "Show" or "Delete" expired certificates then the whole page going to grey and nothing happens.

Let me know if you need more details and as always I open for a WebEx session where I can present.

Thank you.

(CID:137107371)

Hi Mate,

Thanks, I will look into the data and will get back to you as soon as possible.

Kind regards

(CID:137107373)

Hi Mate,

Thanks for the data, here's what I found out.

Concerning the authentication server settings error notification: seems to be certificate related error with the root exception java.security.cert.CertificateException.

According to the provide backup file, it seems you have managed to update the certificate on that AD server. 

So the option for ssl connection/configuration is/was certificate related.

And you've mentioned now it is working without ssl. However, server logs contain error connecting to LDAP server entries:

"Failure to perform user authentication; detailed message is "Error connecting to LDAP server, connection timeout for ldap://xxx".

That may explain why the communication between the client(s) and server could be interrupted/broken. And therefore you/user may see the Authentication error, saying "Unable to authenticate. The client will restart".

Kind regards

(CID:137108395)

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.