Bug ID 797541: NTLM Auth may fail when user's information contains SIDS array

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP APM (all modules)

Known Affected Versions:
14.1.0.5, 14.1.0.6, 14.1.2, 15.0.0, 15.0.1

Fixed In:
15.1.0, 15.0.1.1, 14.1.2.1

Opened: Jun 24, 2019

Severity: 2-Critical

Related Article: K05115516

Symptoms

As a result of this issue, you may encounter one or more of the following symptoms:

-- Users cannot log in through the BIG-IP APM system.
-- In the /var/log/apm file, the system logs warning messages similar to the following examples:
   - warning eca[11256]: 01620002:4: [Common] 192.168.0.1:60294 Authentication with configuration (/Common/server1.example.com) result: user01@USER01 (WORKSTATION): Fail (UNEXP_006C0065)
   - warning nlad[11261]: 01620000:4: <0x2b4d27397700> client[46]: DC[10.10.10.12]: schannel[0]: authentication failed for user 'user01', return code: 0x006c0065

Note: The reported return code may be a value other than 0x006c0065 or 0x00000007. However, the larger the size of the SIDS and Attributes array, the more likely the error value will be 0x00000007.
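To triage a copy of /var/log/apm for the messages described above, the following added example (not F5 code) groups eca and nlad failure lines by user and collects the return codes and domain controllers involved. It assumes the message layout of the two sample lines and that the UNEXP_ suffix in the eca line is the same hex value that nlad reports; the function name and the extra sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Patterns follow the two sample messages in the Symptoms section (assumed layout).
ECA_RE = re.compile(
    r"eca\[\d+\]: 01620002:4: .*? result: (?P<user>[^@\s]+)@\S+ \([^)]*\): "
    r"Fail \(UNEXP_(?P<code>[0-9A-Fa-f]{8})\)"
)
NLAD_RE = re.compile(
    r"nlad\[\d+\]: 01620000:4: .*?DC\[(?P<dc>[^\]]+)\]: .*?"
    r"authentication failed for user '(?P<user>[^']+)', "
    r"return code: 0x(?P<code>[0-9A-Fa-f]+)"
)
# Return codes the article names; it states that other values can occur too.
NAMED_CODES = {"006c0065", "00000007"}


def triage(lines):
    """Group matching NTLM failure messages by user name (hypothetical helper)."""
    users = defaultdict(lambda: {"eca": 0, "nlad": 0, "codes": set(), "dcs": set()})
    for line in lines:
        eca, nlad = ECA_RE.search(line), NLAD_RE.search(line)
        match = eca or nlad
        if not match:
            continue
        entry = users[match["user"].lower()]
        entry["eca" if eca else "nlad"] += 1
        entry["codes"].add(match["code"].lower())
        if match is nlad:
            entry["dcs"].add(match["dc"])
    for entry in users.values():
        # Logged by both daemons, as in the paired sample messages.
        entry["correlated"] = entry["eca"] > 0 and entry["nlad"] > 0
        entry["named_code"] = bool(entry["codes"] & NAMED_CODES)
    return dict(users)


# Constructed input: the first two lines are the article's samples, the rest are variants.
SAMPLE = [
    "warning eca[11256]: 01620002:4: [Common] 192.168.0.1:60294 Authentication with configuration (/Common/server1.example.com) result: user01@USER01 (WORKSTATION): Fail (UNEXP_006C0065)",
    "warning nlad[11261]: 01620000:4: <0x2b4d27397700> client[46]: DC[10.10.10.12]: schannel[0]: authentication failed for user 'user01', return code: 0x006c0065",
    "warning nlad[11261]: 01620000:4: <0x2b4d27397700> client[47]: DC[10.10.10.12]: schannel[0]: authentication failed for user 'user02', return code: 0x00000007",
    "warning eca[11256]: 01620002:4: unrelated message (constructed)",
]

if __name__ == "__main__":
    for user, e in sorted(triage(SAMPLE).items()):
        print(user, sorted(e["codes"]), sorted(e["dcs"]), e["correlated"], e["named_code"])
```

A match only identifies candidate accounts; confirming this bug still requires checking the Conditions below and the running version against the affected list.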

Impact

The authentication process fails and the user cannot log in.

Conditions

This issue occurs when all of the following conditions are met:

-- Your BIG-IP APM system is configured to provide NTLM front-end authentication.
-- The authentication response contains a non-empty SID_AND_ATTRIBUTES array. For example, this issue can occur when the user is a member of universal groups from a trusted domain.

Workaround

None.

Fix Information

None

Behavior Change
