IV31024: AUTHENTICATION IS FAILING IN LMC USING ACTIVE DIRECTORY

Technote (troubleshooting)


Problem

IV31024: AUTHENTICATION IS FAILING IN LMC USING ACTIVE DIRECTORY

Resolving the problem


To determine whether this APAR is fixed in your version of Lotus Mobile Connect, or to obtain the latest recommended maintenance, refer to: http://www-01.ibm.com/support/docview.wss?uid=swg27020327

Problem Summary
----------------------------------------------------------------------------------
****************************************************************
* USERS AFFECTED: CM users using ldap bind authentication.     *
****************************************************************
* PROBLEM DESCRIPTION: Login fails if user record on ldap      *
*                      authentication server has been moved    *
*                      to a different OU (or anything that     *
*                      would cause the DN to change)           *
****************************************************************
* RECOMMENDATION: Update to fixtext containing this APAR or to *

* release 6.1.5.                                               *
****************************************************************

IMC will clear the cached DN setting on failure so subsequent
login attempts will cause a refresh and success.

Problem Conclusion
----------------------------------------------------------------------------------
A formal fix for this problem will be
included in all product releases AFTER
6.1.4. For the 6.1.4 release a temporary fix
may be obtained from the IBM Mobile
Connect Support Center. To obtain this
APAR fix first check the List of Fixes to
determine which build level the fix is
included with. Secondly, check the IBM
Mobile Connect Recommended Maintenance
page for the latest available build for the
product.
If the APAR you seek is not available in the
latest published Mobile Connect build you
may visit the IBM Mobile Connect On-line
Support Center at http://www-947.ibm.com
/support/entry/portal/overview/software/
lotus/ibm_mobile_connect or open a new PMR
by visting the ('Service Requests and PMRs')
page on the support site. If you need to reach
IBM Support in the U.S. call 1-800-IBM-SERV.
For Support outside of the U.S. please visit the
IBM Contacts page at
http://www.ibm.com/planetwide/ to find the
direct dial support number for your
location.

Error Description
----------------------------------------------------------------------------------
Lotus Mobile Connect 6.1.4
Authentication to Microsoft Active Directory is failing and the
cause appears to be that the distinguished name (dn) is
changing in between LMC lookups. In the wg.log you would see
messages such as:

Trap: 'AG: authentication failed'
(uid=lastname.johndoe@us.ibm.com,
cn=Users,cn=System,o=local/ )

Local Fix
----------------------------------------------------------------------------------
Deleting the LMC local user record for affected accounts seems
to temporarily avoid the reported problem.



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

IBM Mobile Connect

Software version:

6.1.4

Operating system(s):

AIX, Linux, Solaris, Windows

Reference #:

1621968

Modified date:

2013-01-09

Translate my page

Machine Translation

Content navigation