This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Administrator access via Active Directory?

dan_swartzendru
New Contributor III

‎09-05-2020 01:06 PM

Is it possible to login to the web UI authenticated using AD?  I can't seem to get it to work.  I created a role, made sure it it had super admin box checked.  In the AD config, I used the test button to give a user and password.  Unleashed correctly printed out the various groups, including Administrators, and said the user would be assigned to that group.  The role I created was called Administrators, and had 'Administrators' in the Group Attributes, so I *assumed* it would work, but instead I get a login error.  I assume I'm missing a piece of the puzzle here, but no idea what.  Any tips appreciated.
14 REPLIES 14

dan_swartzendru
New Contributor III
In response to dan_swartzendru

‎09-07-2020 07:28 AM

So if there are any 'funny' characters in the post, I had to use the mode.  Well then...
0 Kudos

dan_swartzendru
New Contributor III

‎09-07-2020 07:27 AM

Hmmm, interesting. I either found a bug, or something confusing. So, I have user 'Administrator' (set up during install). Local password is (example) 'foo'. 'Administrator' account under AD has password 'bar'. If I login as 'Administrator' and give 'bar', the log shows this: 2020-09-07T10:05:57-04:00 family-room-ap.druber.com syslog: pid=1577, AuthAdmin():admin login succeed, is_local_auth is 0 2020-09-07T10:05:57-04:00 family-room-ap.druber.com syslog: pid=1577, AuthAdmin():the user is not local auth,no need to promote password recovery feature!! (I am using remote syslog feature). The above is as expected. Now, the wrong/weird thing. I login as 'Administrator' using 'foo', and log shows: 2020-09-07T10:07:15-04:00 family-room-ap.druber.com syslog: pid=1577, AuthAdmin():admin login succeed, is_local_auth is 0 2020-09-07T10:07:15-04:00 family-room-ap.druber.com syslog: pid=1577, AuthAdmin():the user is not local auth,no need to promote password recovery feature!! e.g. even though the gave the local password (I have fallback box checked), it is still claiming not local authentication?
0 Kudos

tony_heung
Contributor II

‎09-07-2020 07:41 AM

The syslog message "no need to promote password recovery feature" takes a number of factors to be generated, not necessarily all based on if it is local auth or not.  I wouldn't based on this message alone and conclude the system has determined this is not local auth even using the local password.  What if you setup with different admin username for AD while keep the Administrator username as local?  Would you get the same result?
0 Kudos

dan_swartzendru
New Contributor III
In response to tony_heung

‎09-07-2020 07:56 AM

One point of confusion: administrator happens to also be an AD user.  So, I changed the local user to 'admin'.  I then logged in via ssh:

Please login: admin
Password:
Welcome to Ruckus Unleashed Network Command Line Interface
ruckus>

admin login succeed, is_local_auth is 0

something is not right?


0 Kudos

tony_heung
Contributor II
In response to tony_heung

‎09-07-2020 10:20 AM

Understood.  Basically the AD auth is working fine but you found it odd that the system returned the message saying it is local auth instead?  Maybe it's time to log a ticket with support and so they can examine the log in more detail.  
0 Kudos
Copyright © 2024 Khoros, LLC