Community Home > Airheads Community Knowledge Base > Support Knowledge Base > Knowledge Base Knowledge Base > Aruba Support KBs Knowledge Base > AAA, NAC, Guest Access & BYOD > Machine authentication fails when ssid profile pus.

I'm setting a postfix server as relay to an account in office 365.

I configure the main file /etc/postfix/main.cf as follows:

Also made a sasl_password file:

And applied the postmap command:

The messages are not delivered and log show the next message

The postfix version is 3.2.3 in a CentOS 6.10

I configured the Postfix's log to more verbose output; then i tested with Telnet command from another host.I'll paste the primitive and the output from postfix separate by signs:

It seems postfix isn't even using sasl_passwd.db file generated with postmap.

What am i missing?

Thanks for help

2 Answers

I ask another account and the authentication works and the messages can be delivered.

when you reload postfix, can you see anything missing in /var/log/mail or maillog file from postfix? In some cases it tells you what is missing. If you only see it is reloading fine, then you probably have to check master.cf file and try to commented out:

Also you can see what is live postfix configuration by doing 'postconf -n'

Any changes made, require 'postmap filename' for db files to be regenerated and postfix reloaded. Different to alias.db, use 'postalias alias' to regenerate alias.db

Not the answer you're looking for? Browse other questions tagged authenticationoffice365postfix-mta or ask your own question.

We have one Mac client running Outlook 2011 who can no longer connect to their mailbox. They receive an authentication failed message, and a prompt to re-enter their credentials. The issue started just after we renewed the public cert we have applied to Exchange 2010. All services appear to have taken the renewed certificate, IIS, SMTP, POP3, IMAP. We have other Mac and Windows clients both internal and externally who do work still, as well as mobile devices.

On the problem mac, I have removed and attempted to re-add the exchange account for this user. I've also tried to add another users mailbox, for both authentication fails. I've created a new identity, but still have the issue.

I can however access this users account from another Mac, PC, and through webmail. I've tried enabling basic authenication on the EWS directory, but no change. Is there something that is being cached here? I'm out of ideas, if anyone had any thoughts I'd really appreciate it.

One last thing, there are logs in the event log on the exchange server each time the client tries to connect.

Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 3/6/2014 3:27:07 PM
Event ID: 4625
Task Category: Logon
Level: Information
Keywords: Audit Failure
User: N/A
Computer: server.domain..com
Description:
An account failed to log on.
Subject:
Security ID:NULL SID
Account Name:-
Account Domain:-
Logon ID:0x0
Logon Type:3
Account For Which Logon Failed:
Security ID:NULL SID
Account Name:
Account Domain:
Failure Information:
Failure Reason:An Error occured during Logon.
Status:0x80090308
Sub Status:0x0
Process Information:
Caller Process ID:0x0
Caller Process Name:-
Network Information:
Workstation Name:
Source Network Address:x.x.x.x
Source Port:27751
Detailed Authentication Information:

Aaa Authentication Failure For Client Mac Wlan User Reason Authentication Failed

Logon Process:

Aaa Authentication Failure For Client Mac Reason Authentication Failed

Authentication Package:NTLM
Transited Services:-
Package Name (NTLM only):-
Key Length:0
This event is generated when a logon request fails. It is generated on the computer where access was attempted.
The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
The Process Information fields indicate which account and process on the system requested the logon.
The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.