Security Guide for Siebel Business Applications > Troubleshooting Security Issues >

User Authentication Issues

This section describes problems that may occur when authenticating users.

User is Unable to Work in the Administration - Server Configuration / Management Screen

The server administration component performs its own authentication by verifying that the Siebel user ID it gets from the Application Object Manager (AOM) is the user name for a database account. An external authentication system, either Web SSO or Siebel security adapter authentication, returns the user's Siebel user ID and, typically, a database account used by many users from an LDAP or ADS directory.

When you use external authentication, server administrators may not be able to access the Administration - Server Configuration or Administration - Server Management screen. Alternatively, if the system is configured to use the audit trail feature, some audit trail problems may occur.

To allow administrator users to work in server administration and management screens (and avoid audit trail problems), for each user in this relatively small group, use database authentication instead of external authentication. Administrator users should log into the application using either a different AOM or a Siebel Developer Web Client—in each case, database authentication must be configured.

Alternatively, authentication for a secondary data source such as the Siebel Gateway Name Server can be configured.

For more information about database authentication, see Configuring Database Authentication and related sections.

Adding Users or Changing Passwords Is Not Reflected in the Directory

If you add users or change passwords in a Siebel application and the changes are not reflected in the directory, make sure the PropagateChange parameter is set to TRUE for the security adapter. For more information, see Siebel Gateway Name Server Parameters.

Having Trouble Running the LDAP/ADSI Configuration Utility

Try running the utility from the machine that hosts the Siebel application you want to configure. The utility works best if run locally, rather than over the network.

Responsibilities in the Directory Conflict with Responsibilities in Siebel Business Applications

It is recommended that you assign user responsibilities in the directory or by using a Siebel application, but not both. For more information, see Configuring Roles Defined in Directory.

Upgrading Siebel Application Appears to Disable Checksum Validation

You must recalculate the security adapter's CRC checksum value whenever you upgrade your Siebel Business Applications. For more information, see Configuring Checksum Validation.

"Web Authentication Failed" Error Message Appears in Application Log File

If your installation is configured for Web SSO (without anonymous browsing) and the ProtectedVirtualDirectory parameter is not set, this message may appear.

To fix this error, set the ProtectedVirtualDirectory parameter in the eapps.cfg file to the same value as the application directory. For example:

[/eSales]
ProtectedVirtualDirectory=/eSales