Last Modified: Jul 13, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.4.1, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4
Fixed In:
12.1.0, 11.5.4 HF3
Opened: Dec 30, 2015 Severity: 3-Major
ECA logs an error message in this format: Could not verify user (<Domain Name>\<User Name>) credential (<Reason>) Example: Could not verify user (mv4\test1) credential (STATUS_NO_LOGON_SERVERS) However, due to missing NUL termination, the user name and domain name may include garbage data such as follwing example: Could not verify user (mv413abfee\test1ewq12dsasd) credential (STATUS_NO_LOGON_SERVERS)
BIG-IP could not send the verification to ActiveDirectory server for any reasons such as down ActiveDirectory server, incorrect machine account information between BIG-IP, and ActiveDirectory server, etc.
When NTLM front end authentication could not send the verification of the user's credential (e.g. ActiveDirectory server is down)
No workaround
Now it properly logs the message with correct domain name and user name.