logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

App Control: Remediating Unified Management Authentication Errors

App Control: Remediating Unified Management Authentication Errors

Environment

  • App Control Server: All Supported Versions

Objective

How to remediate various authentication errors when configuring Unified Management in App Control. 

Resolution

Authentication MessageReasonResolution
Server is reachable but authentication failed or required permissions are not assigned.Account used to retrieve authentication token is missing permissions, does not exist, or the App Control Server service is not running.Ensure the account used to authenticate exists on the client server and is assigned a User Role with the Administration permission, "Use Unified Management".
Verify App Control Server Service on client service is running.
Server is not reachable. Authentication could not be tested.The Server URL is incorrect, the system is not reachable over https, or App Control Server is not installed on the client machine.Check the name, network connection, and server status of the client server.
Remote server does not support TLS 1.2, please upgrade it to latest version.Misconfigured TLS settings or cipher suites.Verify client server is using a compatible Schannel configuration.
The remote server needs to be at least version X.App Control Server version running on client machine does not support Unified Management.Upgrade software on client machine to a supported version of App Control Server.

Additional Notes

  • When authenticating Unified Management, the management server is making an API call over port 443 using the specified credentials to get an authentication token from the client server.
  • The management server only uses the credentials to retrieve an authentication token and does not store the password.
  • After the connection to the client server is authenticated, the management server remains authenticated unless the server URL is changed.
  • A user accessing a client server from the management server has the permissions of the account that is used to authenticate the connection, not their own permissions.
  • When a user accesses a client server from the management server, actions the user takes appear in events as having been performed by the authentication account, not the logged-in user.

Related Content


Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎11-16-2023
Views:
117
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.