CA RA Error while trying to fetch users authorities from Active Directory using tokenGroups
Article ID: 116864
Updated On:
Products
CA Release Automation - Release Operations Center (Nolio)
CA Release Automation - DataManagement Server (Nolio)
Issue/Introduction
In the nolio_dm_all.log files, this message presents: "Error while trying to fetch users authorities from Active Directory using tokenGroups".
Environment
CA Release Automation 6.x
Cause
The message may present if the end users are trying to login and are experiencing an HTTP 500 error or with LDAP integration not working correctly. This is often due to a missing domain suffix (ie: user1 vs [email protected]).
Resolution
The users' LDAP entry for "UserPrincipalName" may be missing the domain suffix (ie [email protected] vs user1) or in the distributed.properties file that is used to configure the LDAP integration, the AD login user is missing a domain suffix.
Additional Information
Another potential cause for the error is documented here:
https://comm.support.ca.com/kb/deployment-could-hang-intermittent-when-ra-is-configured-to-authenticate-against-ldap-servers-which-are-configured-with-round-robin/kb000008330
https://comm.support.ca.com/kb/deployment-could-hang-intermittent-when-ra-is-configured-to-authenticate-against-ldap-servers-which-are-configured-with-round-robin/kb000008330
Feedback
Yes
No
Powered by
