Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Logging in with AD domain specified in the username

jwalker55
Occasional Contributor
‎03-31-2017 06:13:PM
‎03-31-2017 06:13:PM

Logging in with AD domain specified in the username

This is on a MAG 2600

Currently, our users login to the portal just fine using their domain username. However, I am trying to get Network Connect working at Windows logon so remote users with laptops can authenticate to the domain without using cached credentials. In the particular role that I'm testing, I have the "Launch client during Windows Interactive User Logon" setting enabled as well as "Require client to start when logging into Windows". It seems to almost be working in the sense that it's attempting to initiate the connection, but Windows is supplying the MAG with the domain in the username (as "domainname\username", as expected) and it's rejecting the login.

In the log, I see (edited of course):

AUT23457 2017-03-31 13:48:51 - ive - [user's public ip] domainname\username(Name of Realm)[] - Login failed using auth server Name of Auth Server (LDAP Server). Reason: Failed

So, as expected, I receive the same error if I try logging into the regular sign-in page in a browser with the username formatted as domain\username. If I remove the domain and leave the bare username, it logs in fine. Is something off in the LDAP setup?
0 Kudos
6 REPLIES 6
jwalker55
Occasional Contributor
‎03-31-2017 06:31:PM
‎03-31-2017 06:31:PM

Re: Logging in with AD domain specified in the username

I typo'd the log when editing it. It should say:

AUT23457 2017-03-31 13:48:51 - ive - [user's public ip] domainname\username(Name of Realm)[] - Login failed using auth server Name of Auth Server (LDAP Server). Reason: Failed
0 Kudos
zanyterp
Moderator
Moderator
‎04-02-2017 09:04:PM
‎04-02-2017 09:04:PM

Re: Logging in with AD domain specified in the username

Nope; you have it configured correctly.
The LDAP server type does not support domain\username format for login
jwalker55
Occasional Contributor
‎04-02-2017 10:03:PM
‎04-02-2017 10:03:PM

Re: Logging in with AD domain specified in the username

Yep, guess I learned it the hard way. It's actually active directory, so i'm going to just add a new auth server and reconfigure my realm.

Thanks!
0 Kudos
zanyterp
Moderator
Moderator
‎04-03-2017 02:32:AM
‎04-03-2017 02:32:AM

Re: Logging in with AD domain specified in the username

You are welcome
As you make that change, be aware that you lose access to attributes in your role mapping rules, resource policies, and bookmarks (if you are using them).
jwalker55
Occasional Contributor
‎04-03-2017 03:38:AM
‎04-03-2017 03:38:AM

Re: Logging in with AD domain specified in the username

Thanks for the heads up.
0 Kudos
jwalker55
Occasional Contributor
‎04-03-2017 12:57:PM
‎04-03-2017 12:57:PM

Re: Logging in with AD domain specified in the username

That did it. Setup a test sign-in url, test realm, and auth server using AD server type and it works as intended. Good reason to clean up my roles too. This was setup before I was here back in the Juniper SA days.

Thanks
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.