AD Authentication Errors

dolinger · October 1, 2020, 1:49pm

Hoping for some support.

I recently upgraded my install from 1.3.1 to 1.3.2, using the MSI method. The upgrade seemed to hose everything completely. Services wouldn’t start, errors about PS1 files missing. I restored my VM and instead went to the 9/30 build of version 1.4. This upgrade went smoother. I played with the new features and interface. Restarted the server a couple times to make sure it came online after.

This morning I sit down to start my day and try to log in to the interface but am met with a bad password message. A few retries, same thing. Logging in with the local account works fine. I also verified that it is using the right config file because I modified the “Admin” username to something different, and that auth works fine.

The errors I see in the log are:

CORS policy execution failed. (09b6f179)
Authorization failed. (b15dd539)

adam · October 1, 2020, 2:44pm

Hey @dolinger

Apologies for the issue. This issue was actually known and the fix never made it into our production build through a mistake on my part. We are currently deploying a 1.4.1 to production and it will be available in the next 30 minutes or so.

Very embarrassing to have this one sneak through. Sorry about that.

dolinger · October 1, 2020, 2:59pm

Thanks, Adam. I restored my VM back so it is back up on an older version. Once I see the 1.4.1 release I will give that a shot.

dolinger · October 1, 2020, 3:15pm

I grabbed the latest MSI, it still had 1.4.0 for the filename, but the filesize was different than the previous 1.4.0 file I had.

I restored my VM back to the 1.3.1 install and upgraded to 1.4.1, but I am still seeing the same issue and the same messages in the log.

adam · October 1, 2020, 3:21pm

Can you try this link? https://imsreleases.blob.core.windows.net/universal/production/1.4.1/PowerShellUniversal.1.4.1.msi

It shouldn’t have the 1.4.0 file name.

dolinger · October 1, 2020, 3:41pm

That seems to have resolved the login issue.

But I am unable to browse to the Settings area, the menu option isn’t available. Browsing to the Settings from my browser history says the page isn’t available. This is when I log into UD with the local admin or my AD auth.

adam · October 1, 2020, 5:11pm

It sounds a bit like the authorization policies aren’t evaluating correctly. I take it you are using something similar to the example in our docs? https://docs.ironmansoftware.com/config/security#example-policy-based-on-active-directory-group-membership

Can you please enable debug logging? In the appsettings.json file, you’ll want to set the default value to Debug.

  "Logging": {
      "Path":"%PROGRAMDATA%/PowerShellUniversal/log.txt",
      "LogLevel": {
      "Default": "Debug",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
      }
    },

Then please reproduce this issue and send me the log. That should help me diagnosis.

dolinger · October 1, 2020, 5:34pm

I didn’t see an attach option so I uploaded to PasteBin. This is just the start of the DBG lines.

https://pastebin.com/0YGpUvcS

adam · October 1, 2020, 6:43pm

Hi @dolinger,

Thanks for the log. Unfortunately, I’m not seeing anything standing out that would cause this to happen.

If you have a chance to try the 1.4.2 nightly build that would be very helpful as I’ve added some more logging to try and diagnosis this error: https://imsreleases.z19.web.core.windows.net/

I’ll continue to try and reproduce.

dolinger · October 1, 2020, 9:56pm

The 1.4.2 nightly has brought back the Settings node. Very weird.

Topic		Replies	Views
Problems logging in, version 1.1.1 PowerShell Universal	7	1328	June 7, 2020
Windows Authentication after upgrade to 2.0.3 PowerShell Universal	11	796	July 5, 2021
Published folder asking for creds PowerShell Universal	3	284	September 15, 2020
PowerShell Universal - 3.2.1 releases	1	301	August 13, 2022
PowerShell Universal - 3.6.2 releases	3	288	December 20, 2022

AD Authentication Errors

Related Topics