Problem: User Authentication Failed
Solution: Verify operation of Directory Server, availability of user, baseDN, and LDAP service property values.
To Troubleshoot Authentication Problems
-
Verify that the Directory Server is running.
For example:
# /usr/bin/ps -ef | grep slapd ./ns-slapd -D /var/opt/mps/serverroot/slapd-host1 -i /var/opt/mps/serverroot/slapd-host1
-
If necessary, start Directory Server using one of the following commands:
For example, if Directory Server 5.2 is the default version:
On Solaris: /usr/sbin/directoryserver start
On Linux: /opt/sun/sbin/directoryserver start
-
Check that the user ID in question exists in the directory.
For example:
ldapsearch -h host -p port -D dn -w password -s sub -b basedn "uid=uid"
This will return the user entry, if it exists, or ’No such object’ if the entry does not exist.
-
Check the uwcauth.properties file is using the correct baseDN and credentials.
See the following for more information:
-
In an Access Manager deployment, check that the LDAP service property values are valid.
-
Log in to the Access Manager console as amAdmin.
-
Under Identity Management, click the appropriate organization.
-
Choose Services from the View menu.
The services list should have at a minimum Authentication Configuration, and Authentication Modules Core and LDAP. Click the LDAP Properties arrow and verify the information that appears in the Data pane.
-
If the service is not added, continue with the steps that follow.
-
Click Add in the Navigation pane.
A list of available services is displayed in the Data pane.
-
Select the checkbox for Authentication Configuration and click OK.
The Authentication Configuration service will appear in the Navigation pane assuring you that it has been added.
-
Click the Authentication Configuration Properties arrow.
The Service Instance List is displayed in the in the Data pane.
-
Click New to add the service instance.
Type the name and click Submit.
-
- © 2010, Oracle Corporation and/or its affiliates