08-21-2014 11:19 AM
We are on Clearwell 7.1.2, for a reason unbeknownst to us when trying to log in we get a message of authentication failed [#16005], User ID not found or password was incorrectly typed. I know this to be untrue because I can log in a few hours later using the same credentials. I can log out on one day, come in the next day and try to log in and get the same message. If I come back to it later, my login will sometimes be successful. I've tried restarting services, restarting the device and still get the same thing.
This is becoming annoying as there are times when I need to manage some cases with high priority and I'm unable to.
Has anyone had this same experience and have a solution/workaround?
Thanks.
Solved! Go to Solution.
08-26-2014 09:53 AM
I see that error message in the Technote I linked to:
Caused by: javax.naming.CommunicationException: DomainDnsZones.DC.DC.com:389 [Root exception is java.net.SocketTimeoutException: connect timed out]
Article:TECH215941 | | | Created: 2014-03-19 | | | Updated: 2014-04-01 | | | Article URL http://www.symantec.com/docs/TECH215941 |
Can you try that solution?
08-21-2014 03:02 PM
That is pretty strange. Do you authenticate via LDAP?
Article:TECH215941 | | | Created: 2014-03-19 | | | Updated: 2014-04-01 | | | Article URL http://www.symantec.com/docs/TECH215941 |
08-21-2014 03:06 PM
I also found this, but don't think it is your issue:
Article:TECH197718 | | | Created: 2012-10-02 | | | Updated: 2014-02-14 | | | Article URL http://www.symantec.com/docs/TECH197718 |
08-23-2014 04:57 AM
I think it's worth checking connectivity between your LDAP server used at these times. If you have access to the local superuser account (not an enterprise [ldap] account with admin access), try this at the same time, if this logs in immediately, the issue would appear to be with LDAP and connectivity.
At these times where it fails, take a look in the catalina logs in the log directory, this is where ldap errors will be noted - it may tell you something like a timeout is the issue. If it's every day at the same time, perhaps check with the server admins - maybe something is being done to cause this behaviour.
08-25-2014 03:14 PM
Thanks, it does appear to be an LDAP issue. When logging in with the local account the user authenticates and logs in right away.
RPR
08-26-2014 01:00 AM
Hello RPR,
That's at least some progress, the next steps would be to take a look at the error returned in the d:\cw\v71x\logs\catalina<date>.log file at the same time. I think you will find a connection refused or a timeout, if this is the case you need to speak to the owner of the LDAP server, often these are domain controllers - it could be that they are doing something specifically at these times like a backup.
08-26-2014 09:38 AM
Do you think that the case here?
org.apache.catalina.realm.JNDIRealm authenticate
SEVERE: Exception performing authentication
javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: DomainDnsZones.<domain>:389 [Root exception is java.net.SocketTimeoutException: connect timed out]]
08-26-2014 09:53 AM
I see that error message in the Technote I linked to:
Caused by: javax.naming.CommunicationException: DomainDnsZones.DC.DC.com:389 [Root exception is java.net.SocketTimeoutException: connect timed out]
Article:TECH215941 | | | Created: 2014-03-19 | | | Updated: 2014-04-01 | | | Article URL http://www.symantec.com/docs/TECH215941 |
Can you try that solution?
08-26-2014 12:21 PM
I've updated the port and was able to successfully authenticate against the GC on port 3268.
I'll try about the same time tomorrow again but so far I've been able to log in/out a number of times.
Crossing my fingers, thanks for your help!