Okta Classic Engine | Administration | Answered | 2018-09-05T01:27:50.000Z | 2017-01-21T14:44:58.000Z
IWA agent failing on AD user lookup
We have two instances of the IWA agent running in separate physical locations. Both agent servers are part of our AD domain. Both were working fine but after a recent office move and network reconfiguration at the backup site the IWA agent is not working.

Both agents were installed using the same AD service account and settings. When I browse to http://agent1/IWA/authenticated.aspx I see both the UserID and UPN from AD. When I browse to the same URL on agent2 I only see the UserID.

The Okta Single Sign On event log is recording the errors.

Failed to locate user 'CORP\user' in AD. Message: 'The user name or password is incorrect.

Is that referring to the credentials for the AD service account provided at the time the agent was installed? I do not see how it could be wrong since it uses the same credentials as agent1, which is working fine. Just to be sure, I reinstalled the agent on the backup server and it was successful but this error is still occurring.

Does anyone have any suggestions?

Thanks,

Michael

  • Run the IWA Web App installer on the server that is failing and the installer should stop at the point where it can't authenticate the user.
  • Michael Mongeau (Customer)

    I ended up opening a case with Support and they had me remove the IWA agent application from our internal server AND delete the IWA agent definition in Okta. I had done the first but not the second. That resolved the issue.

    Michael

This question is closed.