IBM Support

Multiple failed ClearQuest Web logins can lock LDAP accounts

Technote (troubleshooting)


Problem(Abstract)

This technote identifies an IBM® Rational® ClearQuest® Web defect relating to the locking of domain accounts when using LDAP authentication.

Symptom

This problem happens when using LDAP authentication with ClearQuest. The LDAP server locks an account after a defined number of failed login attempts. Users may experience LDAP/domain account locking when incorrectly logging into ClearQuest Web, even though the failed attempts do not exceed the configured limits of the LDAP server.

Cause

There are two LDAP login efforts when one failed ClearQuest Web login occurs. This can result in an unexpected account locking if enough invalid attempts reach the LDAP server. This issue was identified as a product defect under APAR PK74842.

Resolving the problem

This problem is fixed starting in ClearQuest versions 7.0.0.6, 7.0.1.5, and 7.1.0.2. Upgrade to the latest version of ClearQuest to resolve this issue.

Cross Reference information
Segment Product Component Platform Version Edition
Software Development Rational ClearQuest Web Java Client
Software Development Rational ClearQuest Web Client (7.1)

Document information

More support for: Rational ClearQuest
User Administration - LDAP

Software version: 7.0, 7.0.0.1, 7.0.0.2, 7.0.0.3, 7.0.0.4, 7.0.0.5, 7.0.0.6, 7.0.1, 7.0.1.1, 7.0.1.2, 7.0.1.3, 7.0.1.4, 7.0.1.5, 7.1, 7.1.0.1, 7.1.0.2

Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

Reference #: 1326284

Modified date: 25 October 2009