cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
NetTas
Level 8
Report Inappropriate Content
Message 1 of 3

MWG 7.3.2 - Unable to login to GUI

We have very recently upgraded to 7.3.2.1 from 7.3.0.2. All went well with the excpetion that GUI Administrators can no longer use the GUI.

There are some administrator accounts existing on the local UserDatebase - these users are able to connect to the WebGateway GUI

However most other administrators connect using their Authenticated NTLM credentials.

If you are a member of an Active Directory Global Group on a Domain that is authenicated to the Web Gateway appliances, and that Domain\Group is associated with a WebGateway Role, then we have been able to login to GUI using Domain\UserID and have the permissions associated with the role.

This stopped last night - considering there are 100's of administrators using the Web Gateway cluster that authenticate this way - well we have a problem.

The screen shot below shows when I test the user in CORE Domain, the "Authentication Test Results" show the User to be a member of "CORE\under test group".

Even though  "CORE\under test group" is associated with the "Super Administrator" Role, the  "Authentication Test Results" indicates to Role is not Mapped.

ntlm(1).png

I have created a work request with McAfee who are investigating this issue as I type - they are been very supportive and doing an excellent job.

It may be something at our end - but just in case this is for the community's imformation.

Andrew G

2 Replies
eelsasser
McAfee Retired
McAfee Retired
Report Inappropriate Content
Message 2 of 3

Re: MWG 7.3.2 - Unable to login to GUI

I've heard about this before. I'm not sure if it was on communities or internal, but you have to use a double backslash.

Capture.png

NetTas
Level 8
Report Inappropriate Content
Message 3 of 3

Re: MWG 7.3.2 - Unable to login to GUI

Thanks for the info above eelsasser - could not seem to make that suggestion work - but I'm Tasmanian after all.

However, McAfee support have provided a work-around - basically remove the Domain reference in the "Authentication Server Group => Role Mapping" section. ie. using above diagram -

"CORE\under test group => Super Administrator" becomes "under test group => Super Administrator"

All now works a treat. This will be addressed with the next update by McAfee

Can I say how impressed I was with the level of support and enthusiasm from the McFee Support Team.

Andrew G

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community