Troubleshooting
Problem
CAM-AAA-0056 Unable to authenticate:
Symptom
{ "loggerName": "Trace.CAM.AAA.Provider.LDAP", "level": "DEBUG", "additivity": true }
After replicating the issue, open your cognosserver.log and find the function 'ldap_modify_s' call. There's a return value of '19'.
2021-05-10T16:36:22.609+0800 DEBUG session.Audit.RTUsage.CAM.AAA.Provider.LDAP [Thread-54] 8Gdh28vs9hdhl4y9CMjsqls2C48s9h8djvvvld42 0 NA 10.100.1.125 9300 null 8Gdh28vs9hdhl4y9CMjsqls2C48s9h8djvvvld42_0_ AAA.Provider.LDAP 9420 CallEnd <function name="ldap_modify_s"><parameters></parameters><returnvalue><![CDATA[19]]></returnvalue></function>
Cause
This may happen if you've configured Cognos namespace account mappings to use the password attribute of 'unicodePwd'. This attribute has unique constraints and requirements which you need to discuss with your LDAP admin to understand more.
This isn't a Cognos issue. Replicating this outside of Cognos should also give you the same results, e.g. when using LDIFDE against 'unicodePwd'.
Resolving The Problem
Change Cognos to use a different password attribute. ADLDS supports both 'unicodePWD' and 'userPassword'.
In Cognos configuration, update your ADLDS namespace's account mapping password attribute-
from:
'unicodePWD'
to:
'userPassword'
Related Information
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
10 May 2021
UID
ibm16451509