cancel
Showing results for 
Search instead for 
Did you mean: 
ifrank
Level 9

Handling DC communication problems?

Jump to solution

I've had cases where communication with domain controllers was failing (seen in the dashboard as "The following domain(s) can't be contacted: xxx.xx (Origin: Authentication, ID: 903, xx times within last xx minutes). So I have an incident ID. I am still unable to precede or modify the authentication rule to handle this incident. If authentication fails users are blocked because of it. Sure I can do a fail open in my policy assignments further down in the Rule Sets, yet in order to workaround a failing DC communication I still have to manually disable the auth rule itself.

Has anyone found a smarter way dealing with this?

0 Kudos
1 Solution

Accepted Solutions
amart
Level 9

Re: Handling DC communication problems?

Jump to solution

You can use Authentication.FailureReason.Id property for fail over, it is set to 8 if communication with DC failed.

Regards,

Andrei.

2 Replies
amart
Level 9

Re: Handling DC communication problems?

Jump to solution

You can use Authentication.FailureReason.Id property for fail over, it is set to 8 if communication with DC failed.

Regards,

Andrei.

ifrank
Level 9

Re: Handling DC communication problems?

Jump to solution

This works beautifully.

One follow-up question, because I couldn't find this answered in the documentation, whether there's a list of all potential return values? I'm asking because I'd like to see whether there's maybe other cases that I could include in my rule that assigns a default policy.

0 Kudos