End-User Quarantine (EUQ) login fails intermittently in InterScan Messaging Security Virtual Appliance (IMSVA)

Updated: 8 Oct 2021
Product/Version: InterScan Messaging Security Virtual Appliance 9.1

Summary
You observe that some users are intermittently unable to log in to the EUQ and receive invalid credentials error messages. After several attempts, the same user may be able to log in.

The following messages show up in the imssuieuq debug logs (located under /opt/trend/imss/log/) for the failed login attempts:

2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DIAGNOSTIC]User test_user login
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DEBUG]UserDAO::loginName2UserName base dn=DC=mydomain,DC=local, login name=test_user
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DIAGNOSTIC]UserDAO::loginName2UserName domain=, account=test_user
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DEBUG]UserDAO::getAllUserNameByAccount account=test_user
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DIAGNOSTIC]filter: (&(|(objectClass=user)(objectCategory=person))(sAMAccountName=test_user)), attribute name:userPrincipalName
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DEBUG]TmLDAPConnection::search Base DN: DC=mydomain,DC=local, scope: 2, filter: (&(|(objectClass=user)(objectCategory=person))(sAMAccountName=test_user)), connection state:5
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DIAGNOSTIC]Can't get user name from login name test_user
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DIAGNOSTIC]User test_user ldap authentication failed.
2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] [DETAIL]LDAP authentication test_user failed, unknown error.


You have an Active Directory (AD) environment with multiple Organizational Units (OUs) separated by Access Control Lists.
Details
This issue occurs because IMSVA binds to the LDAP server as different users and re-uses those bindings to perform LDAP searches. For example, after a user logs in to the EUQ successfully, IMSVA may re-use the same binding to search for the next user who tries to log in. If the user that performed the binding does not have access rights to the OU of the new user, the LDAP server returns no results and the authentication fails.

To solve this issue, install IMSVA 9.1 Hotfix Build 2081. With this hotfix, the IMSVA LDAP connection will be disconnected after authentication, and a new LDAP connection will be established for the next user.
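
To confirm that failed logins in an imssuieuq debug log match this issue (the LDAP search returns no entry, then authentication fails), the following added example, which is not Trend Micro code, groups log lines by the [pid:thread] field and reports such attempts. Its regular expressions are derived only from the log excerpt on this page, and the sample lines are constructed.

```python
import re
from collections import Counter

# Line layout as in the excerpt above: "<date> <time> <tz> [pid:tid] [LEVEL]message"
LINE = re.compile(r"^(\S+ \S+) \S+ \[(\d+):(\d+)\] \[\w+\](.*)$")
START = re.compile(r"^User (\S+) login$")
SEARCH = re.compile(r"^TmLDAPConnection::search Base DN: (.+?), scope:")
MISS = re.compile(r"^Can't get user name from login name (\S+)$")
FAIL = re.compile(r"^User (\S+) ldap authentication failed\.$")

def lookup_failures(lines):
    """Failed logins whose LDAP search returned no entry, one dict per attempt."""
    attempts, hits = {}, []          # attempts: (pid, tid) -> login in progress
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue                 # blank or unrelated line
        when, pid, tid, msg = m.groups()
        key = (pid, tid)
        if s := START.match(msg):
            attempts[key] = {"user": s.group(1), "time": when, "base_dn": None, "miss": False}
            continue
        cur = attempts.get(key)
        if cur is None:
            continue                 # message outside a tracked login
        if s := SEARCH.match(msg):
            cur["base_dn"] = s.group(1)
        elif (s := MISS.match(msg)) and s.group(1) == cur["user"]:
            cur["miss"] = True
        elif (s := FAIL.match(msg)) and s.group(1) == cur["user"]:
            if cur["miss"]:          # failure preceded by an empty search result
                hits.append({k: cur[k] for k in ("user", "time", "base_dn")})
            del attempts[key]
    return hits

def failures_per_user(hits):
    return Counter(h["user"] for h in hits)

# Constructed sample: the first attempt follows the excerpt, the second fails without a lookup miss.
P = "2021/06/04 10:06:35 GMT+02:00 [23814:2658048880] "
Q = "2021/06/04 10:07:01 GMT+02:00 [23814:2658048881] "
SAMPLE = [
    P + "[DIAGNOSTIC]User test_user login",
    P + "[DEBUG]TmLDAPConnection::search Base DN: DC=mydomain,DC=local, scope: 2, filter: (sAMAccountName=test_user), connection state:5",
    P + "[DIAGNOSTIC]Can't get user name from login name test_user",
    P + "[DIAGNOSTIC]User test_user ldap authentication failed.",
    Q + "[DIAGNOSTIC]User other_user login",
    Q + "[DIAGNOSTIC]User other_user ldap authentication failed.",
]
```

Pass the lines of a debug log from /opt/trend/imss/log/ to lookup_failures() in place of SAMPLE; users who appear in the result and can log in on a later attempt fit the behaviour described above.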

Category: Configure; Troubleshoot; Upgrade
Solution Id: 000288732