Banned User Function

Think you've found a bug? Post a description here.

Moderator: Serin

Post Reply
dcchannell
New User
Posts: 5
Joined: Sat Jan 10, 2015 2:20 pm

Banned User Function

Post by dcchannell » Tue Jan 26, 2016 8:35 am

I've notice that the Banned User Function seems to work only part of the time. I noticed the issue a several weeks ago. At first I thought it was not working in that my support for Cerberus had expired. Now that I have renewed support I'm finding that Banned User is still failing. I'm not sure what causes the failure. Below is an excerpt for my syslog server.

8 L01S11 - SFTP SERVER 01/26/2016 00:59:59.000 01/26/2016 01:00:16.000 EvntSLog
[INFO ] - Client Identification: SSH-2.0-libssh-0.5.2 3
9 L01S11 - SFTP SERVER 01/26/2016 01:00:00.000 01/26/2016 01:00:07.000 EvntSLog
[CONNECT] - Algorithm negotiation complete: Proceeding with key exchange 2
10 L01S11 - SFTP SERVER 01/26/2016 01:00:00.000 01/26/2016 01:00:07.000 EvntSLog
[CONNECT] - Kex: 'diffie-hellman-group1-sha1' Host Key: 'ssh-rsa' C2S : 'aes256-ctr, hmac-sha1, none' S2C : 'aes256-ctr, hmac-sha1, none' 2
11 L01S11 - SFTP SERVER 01/26/2016 01:00:00.000 01/26/2016 01:00:00.000 EvntSLog
[INFO ] - DH Key sizes: Server Public '1023', Private '1023', Client Public '1015' 1
12 L01S11 - SFTP SERVER 01/26/2016 01:00:02.000 01/26/2016 01:00:02.000 EvntSLog
[CONNECT] - Unable to retrieve AD user 'zhangyan' : The user name could not be found 2
13 L01S11 - SFTP SERVER 01/26/2016 01:00:02.000 01/26/2016 01:00:02.000 EvntSLog
[CONNECT] - Unable to find authentication methods for user 'zhangyan' : User not found 2
14 L01S11 - SFTP SERVER 01/26/2016 01:00:02.000 01/26/2016 01:00:02.000 EvntSLog
[CONNECT] - Authenticating password for user 'zhangyan' 1
15 L01S11 - SFTP SERVER 01/26/2016 01:00:02.000 01/26/2016 01:00:02.000 EvntSLog
[ERROR] - Unable to retrieve attributes for AD user 'zhangyan' : Unable to find user in 'LDAP://DC=mfg,DC=liggettgroup,DC=com' using search filter: (sAMAccountName=zhangyan) 1
16 L01S11 - SFTP SERVER 01/26/2016 01:00:02.000 01/26/2016 01:00:02.000 EvntSLog
[CONNECT] - Could not authenticate AD user 'zhangyan' on domain 'mfg.liggettgroup.com' : AD user 'zhangyan' is not a direct member of required security group 'AC-LG File Transfer System Access' 1
17 L01S11 - SFTP SERVER 01/26/2016 01:00:02.000 01/26/2016 01:00:02.000 EvntSLog
[CONNECT] - Could not authenticate Native user 'zhangyan' : Unable to find user 'zhangyan' 1
18 L01S11 - SFTP SERVER 01/26/2016 01:00:06.000 01/26/2016 01:00:14.000 EvntSLog
[CONNECT] - Closing connection: An existing connection was forcibly closed by the remote host. 2


The user zhangyan is on the Banned Users list. Even though, the system tries to authenticate the user. Normally I'd get a syslog entry stating that the banned user is on the banned user list. Interestingly enough, even when Banned User is working, the system still tries to authenticate the banned user account.

Regards,

David

User avatar
Serin
Site Administrator
Posts: 1785
Joined: Sat Jan 01, 2005 6:57 pm
Location: United States
Contact:

Re: Banned User Function

Post by Serin » Tue Feb 02, 2016 1:04 pm

Hello David,

We just fixed a bug in the banned user feature that resulted in what you are experiencing. Upgrade to 8.0.0.5 and it should resolve the issue.

Post Reply