Jump to content
Kaspersky Support Forum

KATA 4+ SSO problems for users with too many AD groups [KATA/KEDRE]

Antipova Anna
 Share

Recommended Posts

Antipova Anna

Antipova Anna

Posted
Posted

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Problem

When user is added to a lot of AD groups, he may be unable to login to web interface of KATA via SSO.

Step-by-step guide

  1. Modify /etc/opt/kaspersky/apt-swarm/swarm_config.json like this (set buffer_size to 65535 under uwsgi section - it's on bottom of the file)

     2.  Execute via SSH 

apt-settings-manager get /configuration/web_backend | python -m json.tool > /tmp/web_backend

    3.  vim /tmp/web_backend

    4. Find uwsgi and change value as per below, save file

"uwsgi": {

        "buffer_size": 65535,

        "cache2": [

    5. Put settings back

apt-settings-manager set /configuration/web_backend @/tmp/web_backend

   6. Execute

docker ps | grep nginx

Output will be similar like this: 39c125e0546e   kaspersky/kata/web/nginx_gateway:0e5fabb

Write down somewhere this value 39c125e0546e (yours will be different).

  7. Execute

docker exec -it 39c125e0546e bash
echo "large_client_header_buffers 8 64k;" > /etc/nginx/conf.d/large_buffers.conf
nginx -s reload
exit

 8. Do the same (6-7) for container web_backend

 9. However, if containers web_backend and nginx_gateway will be restarted, changes in 6-7 will be lost, thus you can quickly put back settings like this:

docker exec -it `docker ps | grep web_backend | awk '{print $1}'` bash -c 'echo "large_client_header_buffers 8 64k;" > /etc/nginx/conf.d/large_buffers.conf && nginx -s reload'
 
docker exec -it `docker ps | grep nginx_gateway | awk '{print $1}'` bash -c 'echo "large_client_header_buffers 8 64k;" > /etc/nginx/conf.d/large_buffers.conf && nginx -s reload'
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...