Michael Mongeau

IWA agent failing on AD user lookup

We have two instances of the IWA agent running in separate physical locations. Both agent servers are part of our AD domain. Both were working fine, but after a recent office move and network reconfiguration at the backup site, the IWA agent is not working.

Both agents were installed using the same AD service account and settings.  When I browse to http://agent1/IWA/authenticated.aspx I see both the UserID and UPN from AD.  When I browse to the same URL on agent2 I only see the UserID.

The Okta Single Sign On event log is recording the errors.   

Failed to locate user 'CORP\user' in AD. Message: 'The user name or password is incorrect.

Is that referring to the credentials for the AD service account provided at the time the agent was installed? I do not see how it could be wrong since it uses the same credentials as agent1, which is working fine. Just to be sure, I reinstalled the agent on the backup server and it was successful, but this error is still occurring.

Does anyone have any suggestions?

Thanks,

  Michael
James Garvin (Okta)
Run the IWA Web App installer on the server that is failing and the installer should stop at the point where it can't authenticate the user.  
Michael Mongeau
I ended up opening a case with Support and they had me remove the IWA agent application from our internal server AND delete the IWA agent definition in Okta.   I had done the first but not the second. That resolved the issue.

 Michael