User getting "Access Denied (policy_denied)" message accessing any Web site via WSS Agent
search cancel

User getting "Access Denied (policy_denied)" message accessing any Web site via WSS Agent

book

Article ID: 233583

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

One specific user cannot access any website (including http://pod.threatpulse.com) through WSS without getting an "Access Denied (policy_denied)" 

Had been working fine previously.

WSS agent installed on Windows platform

WSS showed it connected to WSS data center (GUSDM) successfully.

Tried to reconnect WSS Agent, disable/enable the Agent but still the experience the same error.

 

Environment

Auth Connector running on Windows 2019 Server member server

 

Cause

Active directory had locked the user and Auth COnnector could not retrieve users groups

Resolution

Unlock the user object from Active Directory 

Additional Information

- When looking at the user reports, we could clearly see the access denied verdict, and the fact that no groups were found for the user

- Running the Auth Connector in debug mode whilst the user tried to login, we could see that the status returned for the logins were LOCKED_OUT

- Working with the AD administrators, we confirmed user object was indeed locked out and reset it. 

Powered by Wolken Software