- Community Home
- >
- Networking
- >
- IMC
- >
- Re: iMC_UAM_7.1_E0302P06 changes/breaks computer a...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2015 10:07 AM
01-12-2015 10:07 AM
iMC_UAM_7.1_E0302P06 changes/breaks computer authentication!!!??
I tested iMC_UAM_7.1_E0302P06 update. My windows machine authentication using PEAP/mschapV2 and the computer account does not work, giving this error:
Account Name computer
Login Name host/WS500X.domain.com
Authentication Failure Cause E63121::receive no packet from mschapv2server.
Failed at 2015-01-11 11:45:46
User IP Address
User MAC Address B8:AC:6F:32:B3:46
Device IP 10.10.100.133
Device NAT IP 10.10.100.133
Port 0
Device SN
IMSI
Service Name PEAP_Computer_acc_svc
VLAN ID/Inner VLAN ID 27
Outer VLAN ID
User SSID
Computer Name
Windows Domain
Not sure where the Inner VLAN ID of 27 is coming from as I don't specify one.
The update changes how Domain Controller-Assisted PEAP Authentication is configured, moving it from a global configuration to a part of the LDAP server configuration.
In the read me under features added:
9. LDAP servers can use different domain controllers for MS-CHAPv2 authentication. This feature is configurable under User > User Access Policy > LDAP Service > LDAP Server .
And modified:
4.The LDAP parameters were moved from the system parameter settings page to the LDAP Service menu. This feature is configurable under User > User Access Policy > LDAP Service > LDAP Parameters.
Under Other problems:
PEAP-MSCHAPv2 is not supported by PCs using machine authentication.
So how is the computer authentication now supposed to work??
Is it temporarily broken and will be fixed, or is it eliminated?
This is a big change without much documentation except as above. My authentication strategy has been using this for the last few years in PCM and now IMC - now its not supported anymore??? Not happy about this.
I was not able to do extensive testing - I only have the production instance at this time - I snapshotted it fortunately before deploying and testing this update, so I rolled it back.
Any insight on this would be appreciated. If you use computer authentication beware of this update!
BTW the ability to use multiple DC's is handy but still....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2015 04:27 PM
01-28-2015 04:27 PM
Re: iMC_UAM_7.1_E0302P06 changes/breaks computer authentication!!!??
HI
I have the same problem after installing patch 06
Beside this one i have also
E63120::Domain controller infomation error
Have you got simiilar ?
I have notice tonigh that P07 has beed released, I am trying to check it
Besides I am still expiriencing instability: from time to time my server is unreachable from the switch
can't reach radius server
I have got also intsalled UAM subserver but it behave the same way
best regards :)
I would appriaciate any suggestions
K
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2015 04:43 PM - edited 01-29-2015 04:44 PM
01-29-2015 04:43 PM - edited 01-29-2015 04:44 PM
Re: iMC_UAM_7.1_E0302P06 changes/breaks computer authentication!!!??
I run IMC as VM, so I snapshot the VM before the upgrade. After I discovered/verfiied the issue I reverted to the original state, as my production system depends on machine authentication via PEAP- MSCHAP. So I can't comment further on symptoms.
Without that, new users cannot log into a machine unless a Domain controller is visible on a restricted network. Additionally if a different VLAN is assigned, the the IP address changes, making remote desktop break becuase the ip changes after login and the remote session can't follow that.
UAM 7.1E0302P07 is posted. They put the wrong release notes on the web site, TAM instead of UAM, so you need to download the whole package. Fortunately the correct release notes are included. Lots of fixes and features, but still
Other Problems:
- PEAP-MSCHAPv2 is not supported by PCs using machine authentication
I've asked for clarification on this from HP but no answer yet: Broken forever or just for this release. Can't go further without it or else I have to redesign my whole authentication system
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2015 03:57 AM
01-30-2015 03:57 AM
Re: iMC_UAM_7.1_E0302P06 changes/breaks computer authentication!!!??
Hi
I have installed P07 but without impact on the issue with mschapv2, I have also sent question to OBP, must wait...
I have seen this notice on PC machine and PEAP-MSCHAPv2, it is a little bit strange that HP has released software version that has limitation in comparison to earlier version
Yestarday I have installed second test server HP IMC with UAM on Wondows Server (my first is on Linux RedHat) but withou patches and observing problem with radius availability from switch
It seems i canot use patches in this moment and I am considering changing to EAP-TLS, because client want to add additional domains
I have no snapshot of machine so I thinkd the only solution for me to return to IMC UAM prior patch 06 is reinstall HP IMC UAM but not shure if any changes in databases structure
best regards
Karol
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2015 12:02 AM
07-15-2015 12:02 AM
Re: iMC_UAM_7.1_E0302P06 changes/breaks computer authentication!!!??
This issue is fixed with P14 release .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2015 11:13 AM
07-15-2015 11:13 AM
Re: iMC_UAM_7.1_E0302P06 changes/breaks computer authentication!!!??
I did deploy that update and noted the result in a separate post. It has been working fine so far
Computer auth FIXED in UAM E0302P14
Should have updated this post as well. Thx for the reply