Cannot login with AD credentials to portal
05-15-2018 12:59 PM
When trying to connect with any AD users to our portal we are denied access. This was working up until last Friday but as of Monday morning no one was able to log on.
On the portal, it shows that out connectors are inactive.
When I look on the connector I see that there is an error that it failed to connect to the Identity Platform because "The remote certificate is invaild according to the validation procedure."
I have opened a support ticket and one of my co-workers has called on this issue and we have been given no options or suggestions. Any ideas on what could be causing this?
Right now, no one in the company can login with AD, which is how all of the users are set up so we're dead in the water.
Solved! Go to Solution.
05-15-2018 05:27 PM
Welcome back to the fourms! I would like to apologize in advance and I will be sure to raise the priority of the support issue your collegue as opened up. This is something we want to address quickly as the impact is large.
Centrify is currently migrating the service the connector uses from Azure Service bus to TCPRelay. Have you already confirmed the neccessary ip's are allowed by your network for the connector to use the TCPRelay service.
05-16-2018 07:46 AM
Thank you for the response.
The servers that the connectors are running on are Windows 2016. I didn't see any documentation about needing to enable TLS 1.1 and TLS 1.2 on those, only Windows 2008 and later.
I did add the rules for the TCPRelay US East IP addresses on our firewall, per the documentation, but the connectors are still receiving the error message and not active. I did not see any blocks on our firewall before or after adding the rules for that either.
Interestingly, since yesterday afternoon when I re-register the connector I see success for all checks (see attached picture). Up until yesterday afterrnoon the Certificate Check portion of the checks had a warning in the status.
05-16-2018 08:17 AM
Out connectors are both connecting now. There wasn't any changes made after the firewall changes. I was experiencing the issue until about five minutes ago when SSO logged me in with no issues.