search cancel

"No user logged on at physical console" when bringing up WSS Agent on MacOS

book

Article ID: 253364

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

WSS agent user running on MacOS can authenticate with SAML and browse allowed sites without issues.

Periodically, instead of being asked to authenticate to the SAML IDP server, the user simply sees the following message on the console:

"No user logged on at physical console" 

If you see "Waiting for console user to log in" you should also see "has logged in - continuing CTC" in diagnostic log, which was not the case when it failed.

This should not happen with MacOS as there is always a logged in user on console.

Only seems to happen with a reboot/restart - any RECONNECT always works fine.

 

Environment

WSS Agent 8.2.1

MacOS 12.6

Cause

Race condition between console notification thread and CTC module.

Resolution

Apply WSS Agent 8.2.2

Additional Information

WSS Agent disgnostic info showed the following info when the MacOS user was clearly logged in.

[10-05-2022 17:11:54 (UTC+2:00)]: ---- Starting Service (8.2.1.18250) ----
[10-05-2022 17:11:54 (UTC+2:00)]: Customer ID: 12345
[10-05-2022 17:11:54 (UTC+2:00)]: Tamper protection: disabled
[10-05-2022 17:11:54 (UTC+2:00)]: macOS arm64 12.6.0  machine name: ABCDEFG machineID: d64a11d7-5332-4a68-a4f4-696a9de998dc
[10-05-2022 17:11:54 (UTC+2:00)]: (Notifier) Using network extension
[10-05-2022 17:11:55 (UTC+2:00)]: Initial routing configuration - traffic to ctc.threatpulse.com now routed through interface with address: 192.168.0.24
[10-05-2022 17:11:55 (UTC+2:00)]: Waiting for console user to log in   ******  normally see MacOS logged in user info here
[10-05-2022 17:11:56 (UTC+2:00)]: Known proxies: 199.19.250.205:80(R);ep.threatpulse.net:80(N);prxcagip.zoe.gca:8080(N);
[10-05-2022 17:12:03 (UTC+2:00)]: CTC Response: ACTIVE(PRECHK)  egress:91.172.6.6  GFRPA-46.235.155.164  GBEBR-46.235.155.164  GNLAM-98.158.252.164  GDEFR-199.247.40.164  ****** Neil - manually reconnected 30-40 seconds later and all worked fine.
[10-05-2022 17:12:32 (UTC+2:00)]: Manual reconnect to WSS initiated