LDAP bind authenticate response FAILURE

khánh vũ

unread,

Mar 25, 2023, 5:52:36 AM3/25/23

to Diladele Web Safety

Dear Diladele team,

While using Ldap to authenticate our domain, our squid cache log shows us error of authentication as below. Kindly visit the attachment for more information.

WSAUTH-3536867 [INFO ] 94049125149936/1579 => LDAP bind authenticate response FAILURE......

I'm not sure what actually it means and how to resolve it.

Kindly advise us if it's convenient.

Thanks,

Khanh.

squid_cache.log

rafael....@diladele.com

unread,

Mar 25, 2023, 11:15:22 AM3/25/23

to Diladele Web Safety

This response means the authenticator was not able to validate NTLM credentials supplied by the client browser by making a LDAP bind to the LDAP server.

Why? - it may be for a lot of reasons.

Did the NTLM authentication work before or it is the first time you configured it?

Does this error happen for all users or for only some users?

Does it happen all the time or intermittently?

From the https://stackoverflow.com/questions/56984579/the-user-name-or-password-is-incorrect-8009030c-ldaperr-dsid-0c090579-comment it seems that error 52e means client supplied wrong credentials.

Usually if a client machine is in the domain - client credentials are supplied by the os so - it might happen if client is say linux/mac where user types those credentials himself and can make a typo mistake.

BTW it is always better to use Kerberos - hope you have it configured?

Best regards,

Rafael

khánh vũ

unread,

Apr 4, 2023, 1:59:24 AM4/4/23

to web-s...@googlegroups.com

Hi Rafael,

Sorry for missing your email.

And we are using Kerberos method along with NTLM, because of some of PCs are not in our domain.

The syslog file shows quite alot of this error, so is there any log that specify its IP address of the PC where the issue arises.

So that, i can find it and check computer/laptop in detail.

Or do you have any better advice, i'm glad to listen that.

Br,

Khanh.

Vào Th 7, 25 thg 3, 2023 vào lúc 22:15 rafael....@diladele.com <rafael....@diladele.com> đã viết:

--
You received this message because you are subscribed to a topic in the Google Groups "Diladele Web Safety" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/web-safety/DxMlXxWdnV4/unsubscribe.
To unsubscribe from this group and all its topics, send an email to web-safety+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/web-safety/8f0fa5fc-4849-433e-8f23-041b62fba3efn%40googlegroups.com.

Reply all

Reply to author

Forward