XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    XOA Audit Log shows Failed logins for LDAP/AD on successful connections

    Scheduled Pinned Locked Moved Xen Orchestra
    1 Posts 1 Posters 4 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      dcskinner
      last edited by

      Greetings,

      Wondering if anyone else has seen this. I am using up-to-date XOA on the latest channel. I recently enabled the Premium Trial and am testing the Premium features.

      I was able to set up the auth-ldap plugin to talk to our AD servers and got groups importing and everything seems to be working normally. I then had a look at the Audit Log and found that successful logins via LDAP (AD) are being logged as "Sign in Failed". I tested and both good and bad logins show as failed in the Audit log. The local admin@admin.net user does not show failed on a good login.

      Anyone else seeing this behavior?

      I found this reference: https://github.com/vatesfr/xen-orchestra/issues/8351 that could be related I suppose. My users do have more than 6 group memberships, but auth is successful, just bad Audit info.

      Update: I just tested with a user with exactly 6 groups and saw the same behavior.

      Also, of note when a new user logs in, the Audit log is showing "Sign in Failed" with no user. The next time they login, it has the username along with "Sign in Failed". Not sure if the missing username on first login is expected.

      Thanks!

      kismetgerald-ngc created this issue in vatesfr/xen-orchestra

      open LDAP/Active Directory Authentication Fails if User is Member of More than 6 Groups #8351

      1 Reply Last reply Reply Quote 0
      • First post
        Last post