APAR status
Closed as user error.
Error description
Domino 8.5.2FP3\Win7 Windows single sign-on for Web clients doesn't work if internet password in person record domino directory and active directory password are the same. Everything works fine if the passwords are not the same. This really should work. - Client password is "password 1" and AD password is "password 2" and everything works fine - Then you change the client password to "password 2" to match the AD password and it no longer works. - Added the following debug parameters to the server notes.ini followed by a server restart. Then test with both passwords being different so I can see it working. Then test with both passwords the same so I can see it fail. DEBUG_SSO_TRACE_LEVEL=2 WEBSAUTH_VERBOSE_TRACE=1 Console_log_enabled=1 Debug_ThreadID=1 Results on ecurep Examined the console.log: Following failure can be seen at 1:44 and even at 1:41 when attempt was successfull: [12648688:00053-10027] 14.05.2013 13:44:51.29 NAMELookup::<NAMEVerifyLDAPPassword>> BIND LDAP host='D00370003.AUTOMOBIL.DEKRA.DE:389' failed for user 'CN=A24766,OU=StandardUser,OU=User,OU=HV,OU=user,D C=company,DC=test,DC=de' error:'Invalid credentials' [12648688:00053-10027] 14.05.2013 13:44:51.29 NAMELookup::<NAMEVerifyLDAPPassword>> Informational: Restore LDAP msgid ='6' [12648688:00053-10027] 14.05.2013 13:44:51.29 NAMELookup::<NAMEVerifyLDAPPassword>> Restoring LDAP Connection for host='D00370003.company.test.DE:389' w/ user='AUTOMOBIL\C00999' [12648688:00053-10027] 14.05.2013 13:44:51.29 NAMELookup::<NAMEVerifyLDAPPassword>> Received error 'Error looking up name on LDAP Server; See server log for further details.' trying to verify LDAP credentials! [12648688:00017-10027] 14.05.2013 13:44:51.29 WebAuth> Unsuccessful LDAP BIND for user='CN=A24766/OU=StandardUserHV/OU=UserHV/OU=HV/OU=company /D C=company/DC=dekra/DC=de' -also LTPATOKEN and LTPATOKEN2 are existing Can L3 provide some further debug\assistance to determine the root cause here
Local fix
Do not use the same password
Problem summary
Problem conclusion
Temporary fix
Comments
This APAR is associated with SPR# PPOR98LKL8. The problem was caused by a user error or user misunderstanding.
APAR Information
APAR number
LO75743
Reported component name
DOMINO SERVER
Reported component ID
5724E6200
Reported release
852
Status
CLOSED USE
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-06-12
Closed date
2013-06-25
Last modified date
2013-06-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSKTMJ","label":"Lotus Domino"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
25 June 2013