IBM Support

IBM Security Guardium : Login Failed on GUI using LDAP user authentication Method

Troubleshooting


Problem

Unable to login on GUI with LDAP user. Error Message : "Invalid user name and/or password. Please reenter your credential "

Symptom

Below error on GUI while login

Cause

1. Guardium appliance network resolver not able to resolve the LDAP server hostname for GUI user authentication.
2. Improper network resolver configuration

Diagnosing The Problem

1. Run the app_issues from cli with the command "support must_gather app_issues" OR optionally run the application debug.
2. Reproduce the issue for debugger by making a couple of login failure attempts.
3. Download the "app_issues" file by fileserver or from GUI > Manage > Maintenance > "Support Information Results".
In case of application debug, you can find the log file "yyyy-mm-dd-debug.log" under debug-logs directory.
4. Check the file "yyyy-mm-dd-debug.log" and watch for below error log :
=============Tue Nov 14 18:17:13 EST 2017===================
Thread: http-bio-8443-exec-5 - user dn: internal\m63775
=============================================================
==============Tue Nov 14 18:17:13 EST 2017===================
Thread: http-bio-8443-exec-5 - javax.naming.CommunicationException: LDAP.internal.IBM.com:636 [Root exception is java.net.UnknownHostException: LDAP.internal.IBM.com]

Resolving The Problem

Configure the "network resolver" or correct "network resolver" entry.
CLI> show network resolver all
CLI> store network resolver 1 xx.xx.xx.xx
CLI> store network resolver 1 xx.xx.xx.xx

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Appliances","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.0;10.0.1;10.1;10.1.2;10.1.3;9.0;9.1;9.5","Edition":"Enterprise","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg22010636

Page Feedback