メインコンテンツまでスキップ
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

OnCommand Insight は、同じユーザからの認証要求で Active Directory サーバをフラッディングしています

Views:
32
Visibility:
Public
Votes:
0
Category:
oncommand-insight
Specialty:
oci
Last Updated:

に適用されます

  • OnCommand Insight 7.3.8 および 7.3.9 、 Linux インストール( OCI ) / Windows インストール( OCI )
  • OCI Java クライアントを使用しています
  • OCI ユーザの認証サーバとしての Active Directory

問題

多くの認証要求が OCI サーバから Active Directory サーバに送信されます。ログは次のように表示されます。

  • ldap.logでは、ほぼ毎秒、多くのエラーが表示されます。

2020-05-13 11:00:40,633 ERROR [default task-5698] ldap (LdapUser.java:666) - Failed to find user:<domain>\<username> url:ldap://<domain>.local
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 ]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 ]

  • sanscreen-client.log/.../users/<username>OCI Java クライアントが OCI にアクセスしている Windows のディレクトリに、同じタイムスタンプが格納されています。

2020-05-13 11:00:40,584 ERROR [pool-5-thread-2] com.onaro.sanscreen.client.view.refresh.RefreshManager (RefreshManager.java:294) - Error retrieving refresh data
javax.ejb.NoSuchEJBException: EJBCLIENT000079: Unable to discover destination for request for EJB StatelessEJBLocator for "/compose/UpdateTimeBean", view is interface com.onaro.sanscreen.server.interfaces.remote.UpdateTimeRemote, affinity is URI<remote+https://<Active_Directory_ip>:443>
...
Suppressed: org.jboss.ejb.client.RequestSendFailedException
...
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
   JBOSS-LOCAL-USER: javax.security.sasl.SaslException: ELY05128: Failed to read challenge file [Caused by java.io.FileNotFoundException: \opt\netapp\oci\wildfly\standalone\tmp\auth\local1382964346588876633.challenge (Das System kann den angegebenen Pfad nicht finden)]
   PLAIN: javax.security.sasl.SaslException: PLAIN: Server rejected authentication

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support