|Applies To||RSA Product Set: NetWitness Logs & Network|
RSA Product/Service Type: SA Server
RSA Version/Condition: 10.6.6.0 and above
Platform: CentOS 6
|Issue||After upgrading to 10.6.6.0, users that authenticate using Active Directory are unable to login anymore.|
|Cause||One reason for this circumstance is if your Active Directory server is not configured to use TLS 1.2. For instance, Windows Server 2008 R2 may not have TLS 1.2 enabled right out of the box.|
|Resolution||You have two solutions:|
NOTE: RSA recommends that you re-enable TLS 1.2 on the SA Server at your earliest convenience. This workaround is only meant to enable your Analysts to work while the change is being made on the Windows side. By making this change, you are making your system less secure.
|Workaround||SSH to the SA Server.|
We will modify a puppet recipe and let the change propagate throughout the system.
You will see a line like the following towards the end of the file:
Note that TLSv1 and TLSv1.1 are in this list. We will be removing these values from this comma-separated list. We will then be left with the following:
Save this file. Then, we will propagate the changes using puppet with an agent run.
This will cause the jetty/UI service to restart. If it does not restart itself during the run, then you'll need to do it manually.
Then, attempt to login to the UI using your Active Directory login credentials and see if this resolved your issue.
|Notes||If you are still having an issue, please submit a case to RSA Technical Support and quote this KB article for further assistance.|