Hello,
I'm getting an error message when I try to log in to WAPT Self-Service: "Incorrect username or password." This has never happened on other machines, but it's consistent on this one.
I've added the user to the waptselfservice security group and I'm using my Windows login credentials, as usual. I ran `gpresult /r` and I can see that the machine is applying the GPO. I'm sure of my password.
The worst part is that I deleted the waptselfservice security group to see what would happen, and... the error message didn't change! It should be saying "There are no self-service rules present on the machine."
To top it all off, I tried removing the machine from the WAPT console to start over from scratch. And now I can't recover it, even though the agent is still installed on that client machine.
I should mention that I've rebooted countless times.
Thank you for all your help! I've been stuck for hours. (>0
WAPT server 1.8.2.7267: a W16 server,
client: W10, WAPTagent Community 1.8.2.7267)
Self-Service: Authentication problem
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Good morning,
I invite you to log in as a local administrator to uninstall and then manually install the WAPT agent.
Once reinstalled, run the command
Once the machine is back up in WAPT, install the following package on the machine to anticipate connection issues with Self Service:
https://store.wapt.fr/store/tis-audit-service-netlogon
Sincerely,
Jimmy
I invite you to log in as a local administrator to uninstall and then manually install the WAPT agent.
Once reinstalled, run the command
Code: Select all
wapt-get registerhttps://store.wapt.fr/store/tis-audit-service-netlogon
Sincerely,
Jimmy
Hello,
I managed to get my machine back up and running in the console. However, the tis-audit-service-netlogon package wasn't enough to resolve my authentication issue.
I think there are blocked connections between my client machine, my WAPT server, and my Active Directory server. I based https://www.wapt.fr/fr/doc/wapt-securit ... ewall.html my firewall rules
I managed to get my machine back up and running in the console. However, the tis-audit-service-netlogon package wasn't enough to resolve my authentication issue.
I think there are blocked connections between my client machine, my WAPT server, and my Active Directory server. I based https://www.wapt.fr/fr/doc/wapt-securit ... ewall.html my firewall rules
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Hello,
if you are using the enterprise version, I recommend switching to "waptserver-ldap" mode:
https://www.wapt.fr/fr/doc/wapt-usage/w ... elfservice
Wapt uses "win32security.LogonUser" in Python: https://www.programcreek.com/python/exa ... .LogonUser
However, this sometimes doesn't work well; using waptserver-ldap is more reliable.
Simon
if you are using the enterprise version, I recommend switching to "waptserver-ldap" mode:
https://www.wapt.fr/fr/doc/wapt-usage/w ... elfservice
Wapt uses "win32security.LogonUser" in Python: https://www.programcreek.com/python/exa ... .LogonUser
However, this sometimes doesn't work well; using waptserver-ldap is more reliable.
Simon
Hello,
I am indeed using the Community version.
It's possible the problem stems from my VPN connection: WAPT might be using my local PC's network interface IP address (instead of the IP address provided by the VPN), and the firewall doesn't like that.
Is it possible to force WAPT to use a different network interface?
Or perhaps at least to only launch the service after I've established my VPN connection?
Thank you in advance.
I am indeed using the Community version.
It's possible the problem stems from my VPN connection: WAPT might be using my local PC's network interface IP address (instead of the IP address provided by the VPN), and the firewall doesn't like that.
Is it possible to force WAPT to use a different network interface?
Or perhaps at least to only launch the service after I've established my VPN connection?
Thank you in advance.
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Indeed, in my opinion, it's due to the VPN
When the machine starts, the domain controller is unavailable because the VPN is not up, so the machine has no TGT. And I don't believe the machine attempts to renegotiate it later.
And so it seems to me that indeed that doesn't like it.
I don't have a solution for this type of case in the Community version.
If you find a way to force the negotiation of a TGT when the VPN connects, then that could solve the problem.
When the machine starts, the domain controller is unavailable because the VPN is not up, so the machine has no TGT. And I don't believe the machine attempts to renegotiate it later.
And so it seems to me that indeed that
Code: Select all
win32security.LogonUserI don't have a solution for this type of case in the Community version.
If you find a way to force the negotiation of a TGT when the VPN connects, then that could solve the problem.
Hello,
I tried accessing the Self-Service portal while directly connected to the network, without a VPN. Same problem.
It's as if the error is independent of the network, with authentication linked to the operating system (https://www.wapt.fr/fr/doc/wapt-usage/w ... elfservice).
Could you please explain the authentication mechanism in more detail?
Thank you for your help.
I tried accessing the Self-Service portal while directly connected to the network, without a VPN. Same problem.
It's as if the error is independent of the network, with authentication linked to the operating system (https://www.wapt.fr/fr/doc/wapt-usage/w ... elfservice).
Could you please explain the authentication mechanism in more detail?
Thank you for your help.
