search cancel

ServiceDesk account login fails with AHD04043 after fresh installation of SDM 17.1 with NTLM without EEM


Article ID: 108042


Updated On:


SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service CA Service Desk Manager CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager


After installing SDM 17.1 on BG server (non-upgrade), the ServiceDesk account is not able to login.

The message in the stdlog is:
boplgin 1028 ERROR bplaccess.c 4469 AHD04043:The user name or password you entered is not correct. Please try again.

The ServiceDesk account exists as a local OS account and password has been verified.  The passwords does not contain any special characters (just digits and English alphabet letters). The password is 20 characters long. 


CA Service Desk Manager 17.1
EEM is not installed.
Authentication is via NTLM.


In the Local Security Policy of the CA SDM servers, the following two NTLM security options were found to be set to "Deny all accounts" or "Deny all".
  • Network security: Restrict NTLM: Incoming NTLM traffic
  • Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers  

<Please see attached file for image>

NTLM incoming

<Please see attached file for image>

NTLM outgoing


Change the values of the two security options to "Allow all" on all of the servers.

<Please see attached file for image>

NTLM Allow all


Additional Information

How to Enable NTLM Authentication for CA SDM Tomcat Using WAFFLE


1558698690211000108042_sktwi1f5rjvs16jg8.png get_app
1558698688436000108042_sktwi1f5rjvs16jg7.png get_app
1558698686504000108042_sktwi1f5rjvs16jg6.png get_app