Troubleshooting
Problem
Users are unable to log in to Planning Analytics / TM1Web when the server had been configured for SSO / SPNEGO authentication. Users received a 403 error in the browser.
Diagnosing The Problem
1) Enable the following DEBUG entries for the Application Server. In the \tm1installdir\wlp\usr\servers\tm1\jvm.options file, and add the following two lines to the bottom:
-Dcom.ibm.security.jgss.debug=all
-Dcom.ibm.security.krb5.Krb5Debug=all
-Dcom.ibm.security.jgss.debug=all
-Dcom.ibm.security.krb5.Krb5Debug=all
2) Restart the Application Server (IBM Cognos TM1 service)
3) Recreate the error
4) Consult the \tm1installdir\logs\tm1_messages.log file.
4) Consult the \tm1installdir\logs\tm1_messages.log file.
If the following error is displayed, attempt the resolution below:
CWWKS1106A: Authentication did not succeed for the user ID <username>. An invalid user ID was specified.
CWWKS1106A: Authentication did not succeed for the user ID <username>. An invalid user ID was specified.
Resolving The Problem
Verify the BaseDN parameter in the \tm1installdir\wlp\usr\servers\tm1\server.xml file. Verify that the BaseDN value is correct, and that the user who can not log in truly does reside under the path specified for the BaseDN. (You may need to get your Active Directory admin involved to verify)
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSCTEW","label":"IBM Planning Analytics Local"},"Component":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
20 August 2019
UID
ibm11037522