TheHive-Project / Cortex

Cortex: a Powerful Observable Analysis and Active Response Engine
https://thehive-project.org
GNU Affero General Public License v3.0

AD authentication failure / Clarification on AD Authentication #406

Open nunofranciscomoreira opened 2 years ago

nunofranciscomoreira commented 2 years ago

AD authentication failure / Clarification on AD Authentication

Request Type

Bug

Work Environment

| Question | Answer |
|---|---|
| OS version (server) | CentOS |
| OS version (client) | 7 |
| Cortex version / git hash | 3.1.3 |
| Package Type | Binary |

Problem Description

Describe the problem/bug as clearly as possible.

We are failing to authenticate to Active Directory with the format of user@acme.com.

The same configuration works for thehive, but not for cortex.

https://github.com/TheHive-Project/TheHive/issues/1453 this one may be related

Steps to Reproduce

  1. Set up Cortex and modify the application.conf to use the ad provider:

     ```
     provider = [local,ad]
     ad {
       domainName="ACME"
       domainFQDN="acme.local"
       useSSL=true
       hosts=[DC1.acme.local]
       defaultUserDomain: "acme.com"
     }
     ```
  2. Try to log in and fail miserably

Complementary information

(add anything that can help identifying the problem such as log excerpts, screenshots, configuration dumps etc.)

The error is as follows:

```
[error] o.e.s.a.ADAuthSrv - AD authentication failure
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3261)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3207)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2993)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2907)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:347)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
```
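Added example, not part of the original issue and not Cortex code: a Python parser for the Active Directory bind-failure message in the log above, which decodes the hexadecimal `data` sub-code (here `52e`) into its Win32 logon error name. The function name, the field names and the second sample line are constructed for illustration.

```python
import re

# Win32 logon error codes that Active Directory places in the "data" field
# of an LDAP result code 49 bind failure (values are hexadecimal).
AD_BIND_SUBCODES = {
    0x525: "ERROR_NO_SUCH_USER",
    0x52E: "ERROR_LOGON_FAILURE (unknown user name or bad password)",
    0x530: "ERROR_INVALID_LOGON_HOURS",
    0x531: "ERROR_INVALID_WORKSTATION",
    0x532: "ERROR_PASSWORD_EXPIRED",
    0x533: "ERROR_ACCOUNT_DISABLED",
    0x701: "ERROR_ACCOUNT_EXPIRED",
    0x773: "ERROR_PASSWORD_MUST_CHANGE",
    0x775: "ERROR_ACCOUNT_LOCKED_OUT",
}
# Sub-codes that describe account status rather than a name/password mismatch.
ACCOUNT_STATE = {0x530, 0x531, 0x532, 0x533, 0x701, 0x773, 0x775}

BIND_FAILURE = re.compile(
    r"\[LDAP: error code (?P<ldap>\d+) - (?P<status>[0-9A-Fa-f]{8}): LdapErr: "
    r"(?P<dsid>DSID-[0-9A-Fa-f]+), comment: (?P<comment>[^,]+), "
    r"data (?P<data>[0-9A-Fa-f]+), v(?P<build>[0-9A-Fa-f]+)\]"
)

def decode_ad_bind_failure(line):
    """Return the decoded fields of an AD bind-failure message, or None."""
    m = BIND_FAILURE.search(line)
    if m is None:
        return None
    sub = int(m.group("data"), 16)
    return {
        "ldap_result": int(m.group("ldap")),
        "dsid": m.group("dsid"),
        "comment": m.group("comment"),
        "subcode": sub,
        "meaning": AD_BIND_SUBCODES.get(sub, "unrecognised sub-code"),
        "account_state": sub in ACCOUNT_STATE,
    }

SAMPLES = [
    # Message taken from the log in this issue.
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: "
    "DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839]",
    # Constructed line for contrast: same shape, different sub-code.
    "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090447, "
    "comment: AcceptSecurityContext error, data 775, v3839]",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(decode_ad_bind_failure(sample))
```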