K1000 External LDAP Authentication
Our organization is using external LDAP authentication on the K1000 and having some trouble with incorrect logins to the admin portal. When an incorrect password is entered at kbox login, the admin account that is being used gets locked out because the kbox accesses multiple domain controllers. I have verified this in the domain controllers event viewer security logs. This does not happen in the user portal. The current scenario is that typing one incorrect password into the kbox locks out the admin account on the domain, which is not good.
Domain Controllers are running Server 2008 R2 -- K1000 version 5.2.38773
Has anyone else run into this issue?
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
dchristian
12 years ago
hmm... That doesn't make sense... How many different ldap queries are you running?
Comments:
-
We do have separate LDAP queries for users and domain admins (using two DCs). I thought the extra queries might be the issue, but even when leaving just a single domain-wide query for a single DC the issue persists. The strangest thing is that the DC that tries the third time and locks the account is not listed anywhere on the kbox. It seems that the authentication request is hitting every DC with the bad password until a lockout occurs. - jrader 12 years ago
