Random login errors with AD and EPi CMS 5

Vote:
 

We have trouble with login to /edit and /admin mode since we upgraded our intranet to CMS 5 from 4.31 in june. The web server is in DMZ and AD is inside domain behind firewall. We also use Episerver Role Provider and Microsoft Membership provider.

The thing is, login works for the editors 95 % a day, but suddenly (random) they face an error when pushing the logon-button. And when refreshing the web browser window they are logged in to /edit or /admin mode?

It has something to do with the LDAP functionality (below is some rows from error message):

System.DirectoryServices.Protocols.DirectoryOperationException: The server is unavailable.     at System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)    at System.DirectoryServices.Protocols.LdapConnection.Bind(NetworkCredential newCredential)

OK, we have found some strange things. On all occasions when errors is logged on intranet web server, the firewalll drops some ping traffic. It´s like the intranet web server is asking the Domain Controller: "are you there?".

And when we check the Domain Controller´s event log, we can see that other web servers running Epi (with old versions of Epi connectiong with Ldapper) has successfully logged into the DC for checking permissions (using a special account name xxx) . But no event log items for the intranet CMS web server using account name xxx???

Why does not the Domain Controller log when Epi CMS connects for checking logins and user roles? Evidently our editors CAN login 95% of the day. The intranet web server MUST have contact with the DC, using the account name xxx to login and then ask questions about user firstname.lastname@domain.com as I can see...

Any one have a clue where to look?

 

#22525
Aug 07, 2008 15:19