Authentication Failure with user Null
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-04-2022 10:18 PM
Hi,
I am facing an issue in active directory and ServiceNow - Addusers to multiple group activity.
below is an error which is occurring for last few days
"Authentication failure with the user null'"
Could you please advise on how to fix this?
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-04-2022 11:08 PM
Below is the error in logs:-
Tried Credential: name=test123, affinity: no, status=failed, sysid=b8b14c61db2f5b0480e488805b961819, username=test123, type=Windows, order=100
2022-10-05 00:31:11 Tried Credential: name=testorchest, affinity: no, status=failed, sysid=7e2d9cbddb64db0014d6d3ca4b961345, username=testorchest, type=Windows, order=500
2022-10-05 00:31:14 Tried Credential: name=testwindow, affinity: no, status=failed, sysid=572fb1f6dbc42010b0765b73f39619ff, username=null, type=Windows, order=99999
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-05-2022 12:20 AM
Solution
On the DirectAccess server, run the following Windows PowerShell commands:
Get the list of configured OTP issuing CAs and check the value of 'CAServer': Get-DAOtpAuthentication
Make sure that the CAs are configured as a management servers: Get-DAMgmtServer -Type All
Make sure that the client computer has established the infrastructure tunnel: In the Windows Firewall with Advanced Security console, expand Monitoring/Security Associations, click Main Mode, and make sure that the IPsec security associations appear with the correct remote addresses for your DirectAccess configuration.
Greeting,
Rachel Gomez
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-05-2022 12:20 AM
Solution
On the DirectAccess server, run the following Windows PowerShell commands:
Get the list of configured OTP issuing CAs and check the value of 'CA Server': Get-DAOtp Authentication
Make sure that the CAs are configured as a management servers: Get-DAMgmtServer -Type All
Make sure that the client computer has established the infrastructure tunnel: In the Windows Firewall with Advanced Security console, expand Monitoring/Security Associations, click Main Mode, and make sure that the IPsec security associations appear with the correct remote addresses for your DirectAccess configuration.
Greeting,
Rachel Gomez
