- 新しい順
- 投票が多い順
- コメントが多い順
When a RADIUS server receives a request there are only four different ways it can respond. It either sends back "Access Reject", "Access Challenge", "Access Accept", or it doesn't respond at all. For example if the "shared secret" is wrong then it does not send a reply. The awsfaketestuser test is verifying two things for us. The first is that we have network connectivity and the second is that the shared secret is correct. If either of those two fail then we get no reply back and the call times out. These are the two main reasons MFA setup can fail. In a successful test we are expecting to receive back a reply of "Access Reject". One way you can troubleshoot this is to turn on VPC flow logs to the ENI attached to the AD connector to see if the return traffic from your RADIUS server is reaching the AD connector.
関連するコンテンツ
- AWS公式更新しました 2年前
- AWS公式更新しました 2年前
- AWS公式更新しました 3年前