Cisco WSA LDAP Authentication Failures

Causes of Authentication Failures on Cisco WSA with LDAP

Question

What causes authentication failures on a Cisco WSA when LDAP is used for authentication?

Answers

Explanations


A. B. C. D.

B.

https://www.cisco.com/c/en/us/td/docs/security/wsa/wsa11-0/user_guide/b_WSA_UserGuide/b_WSA_UserGuide_appendix_011001.html

When LDAP (Lightweight Directory Access Protocol) is used for authentication on a Cisco Web Security Appliance (WSA), authentication failures can occur for several reasons:

A. Passphrase length: A passphrase containing only 5 characters can be one reason for authentication failure. WSA's LDAP authentication policy may have a minimum passphrase length requirement; if the passphrase is too short to meet it, authentication may fail.

B. Non-ASCII characters: Non-ASCII characters in the passphrase can be another reason for authentication failure. LDAP authentication on WSA may not support non-ASCII characters, which can cause authentication to fail.

C. Special characters: Specific special characters in the passphrase, such as "~@#$%^", can also cause authentication failure, because these characters may not be supported by WSA's LDAP authentication policy.

D. Passphrase length: The length of the passphrase can also cause authentication failure. While WSA's LDAP authentication policy may not have a maximum passphrase length requirement, the LDAP server used for authentication may have a limit on the maximum length of the passphrase. If the passphrase exceeds this limit, authentication may fail.

In summary, authentication failures on a Cisco WSA that uses LDAP for authentication can occur for various reasons, including passphrase length requirements, non-ASCII characters, specific special characters, and passphrase length limits set by the LDAP server.