12-05-2023 03:35 AM
Hello, I'm running out of ideas to tshoot a GP connection problem. I have a user that is in an AD group uservpn (checked on the cli and it's fine). Added this group to Portal and GW configuration and I can't connect. If I live any for the config under user/user group for portal and Gateway it works. I see the user has this group on the CLI but somehow the firewall can't make the association on the login
{"level":"info","time":"2023-12-05T12:25:17.046726663+01:00","message":"loadGlobalRegionFile: global region file not changed, skip building the trie"}
{"level":"info","time":"2023-12-05T12:25:52.806664649+01:00","message":"ConfigPhase2: received config phase2"}
{"level":"info","time":"2023-12-05T12:25:52.806820918+01:00","message":"ConfigPhase2: phase2 done, switched to new config ts:1701775516, version:94 (MaxTaskCount:1000 MaxAuthReqCount:4096)"}
{"level":"error","task":"439-5","time":"2023-12-05T12:27:16.5756033+01:00","message":"GetPortalClientConfig: portal CHLC_Portal was found, but no client config for req &{X.X.X.X luis.arizaga Windows 1ZP5FK3 false false false false}"}
{"level":"error","task":"439-5","time":"2023-12-05T12:27:16.57613947+01:00","message":"authLoop write: failed to send data to unixgram:@/tmp/authd.sock, error: write unixgram @/tmp/authd_client_GP_socket_1701775066.sock->@/tmp/authd.sock: write: connection refused"}
{"level":"error","time":"2023-12-05T12:27:16.576966802+01:00","message":"authLoop read: failed to receive data from auth, error: read unixgram @/tmp/authd_client_GP_socket_1701775066.sock->@/tmp/authd.sock: use of closed network connection"}
{"level":"error","time":"2023-12-05T12:27:17.577205202+01:00","message":"authLoop: connection to authd is broken, reconnecting"}
{"level":"info","time":"2023-12-05T12:27:17.577584189+01:00","message":"authLoop: connection to authd is established"}
{"level":"error","task":"439-5","time":"2023-12-05T12:27:17.628630724+01:00","message":"GetPortalClientConfig: portal CHLC_Portal was found, but no client config for req &{X.X.X.X luis.arizaga Windows 1ZP5FK3 false false false false}"}
{"level":"error","task":"439-5","time":"2023-12-05T12:27:17.629557248+01:00","message":"gpGetconfig: Failed to get portal config"}
Does anyone have a suggestion about how to tshoot this?
Thanks for your time.
Regards,
Luis
12-05-2023 05:08 AM
does the username contained inside the group (show user group name <yourgrouphere>) match EXACTLY with the username the authentication profile is receiving?
of group mapping has you as domain\user and your auth profile receives user@domain , that is not a match
you can fix that by changing the username modifier in the authentication profile, or changing the group mapping user attribute
12-05-2023 05:08 AM
does the username contained inside the group (show user group name <yourgrouphere>) match EXACTLY with the username the authentication profile is receiving?
of group mapping has you as domain\user and your auth profile receives user@domain , that is not a match
you can fix that by changing the username modifier in the authentication profile, or changing the group mapping user attribute
12-05-2023 05:26 AM
Indeed Reaper, I've solved this with the following steps, thanks!
I don't understand why it works but it does. Thanks.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
