Forum Discussion

Gerald_Meese
Jun 27, 2017

APM change AD password failed (1523862124)

Hello,

I'm trying to implement a small "change AD password" page on F5 APM: a simple HTTPS virtual server with an access policy, as described on the Internet:

- logon page, step 3 on checkbox, both post and session variable on change_password
- AD Auth to my AD AAA pool.

I get to the logon page and the user is authenticated; only the password change itself fails:

AD module: authenticate with 'test@DOMAIN.LOCAL' successfully

AD module: change password for 'test' failed: (1523862124)

AD module: (): (1523862124)

AD agent: Auth (logon attempt:0): failed to change password for 'test'

Anyone have an idea? Must again be something obvious, but after several hours spent on the issue I still don't get it... And I'd like to have it sorted out before my holidays tomorrow night :-)

Thanks!

Gerald

4 Replies

  • P_K

    Assuming the users are located in AD, do the credentials in your AAA server config have write permissions to the AD controllers?

    Do a tcpdump and see what your AD pool members are sending back.

  • Thanks PK! Found out that UDP 464 was not allowed to the DCs, problem solved...