AD Auth stopped working

OhYou_
New here

AD Auth stopped working

Hello all,

 

I've been using AD Authentication through a SM agent method for quite a while without issue, until this week.

I am no longer able to, the apple phones give the generic login info wrong or missing error.

I at first tried restarting the SM agent on the workstation with no luck, eventually moving it to a VM with the agent installed.

Still no luck, so I installed wireshark on the VM and monitored LDAP port 389. Checking the connection configuration status on the dashboard gives a authentication test was done, shown by wireshark. Annoyingly in cleartext I might add. 

But when attempting to authenticate from multiple phones, no traffic.

 

Is anyone else experiencing issues? Is this an issue with Apple DEP, or with Meraki?

 

Thanks

5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal

The odd time I have had a problem a restart of the AD controller made it come right.

PhilipDAth
Kind of a big deal
Kind of a big deal

What machine is functioing as your AD proxy?  Have you tried rebooting that?

https://documentation.meraki.com/SM/Device_Enrollment/SM_Enrollment_Authentication#Active_Directory_...

GavinMcMenemy
Building a reputation

Hi Philip,
I have a supplementary question.

My colleague has set this up for us. He's not in the office at the moment.

How can I tell which machine is doing this work?

 

I've found where the Domain Controllers are specified.

I'm going to create a separate thread as I suspect my issue is different.

jared_f
Kind of a big deal

Also experiencing a similar problem. It seems Meraki doesn't like having to DC's plugged in or it throws off the sync. I removed one DC and re-synced AD groups and it seemed to have solve the problem. 

Find this helpful? Click the kudos button. Thanks!
GavinMcMenemy
Building a reputation

Our AD authenticaion via AD is also not working.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels