cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AD Auth stopped working

New here

AD Auth stopped working

Hello all,

 

I've been using AD Authentication through a SM agent method for quite a while without issue, until this week.

I am no longer able to, the apple phones give the generic login info wrong or missing error.

I at first tried restarting the SM agent on the workstation with no luck, eventually moving it to a VM with the agent installed.

Still no luck, so I installed wireshark on the VM and monitored LDAP port 389. Checking the connection configuration status on the dashboard gives a authentication test was done, shown by wireshark. Annoyingly in cleartext I might add. 

But when attempting to authenticate from multiple phones, no traffic.

 

Is anyone else experiencing issues? Is this an issue with Apple DEP, or with Meraki?

 

Thanks

5 REPLIES 5
Kind of a big deal

Re: AD Auth stopped working

The odd time I have had a problem a restart of the AD controller made it come right.

Kind of a big deal

Re: AD Auth stopped working

What machine is functioing as your AD proxy?  Have you tried rebooting that?

https://documentation.meraki.com/SM/Device_Enrollment/SM_Enrollment_Authentication#Active_Directory_...

Kind of a big deal

Re: AD Auth stopped working

Also experiencing a similar problem. It seems Meraki doesn't like having to DC's plugged in or it throws off the sync. I removed one DC and re-synced AD groups and it seemed to have solve the problem. 

Find this helpful? Click the kudos button. Thanks!
Getting noticed

Re: AD Auth stopped working

Hi Philip,
I have a supplementary question.

My colleague has set this up for us. He's not in the office at the moment.

How can I tell which machine is doing this work?

 

I've found where the Domain Controllers are specified.

I'm going to create a separate thread as I suspect my issue is different.

Getting noticed

Re: AD Auth stopped working

Our AD authenticaion via AD is also not working.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels