LookupAccountSid failed

Article ID: 122166

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On

Issue/Introduction

You're running a Web Agent, and when you try to log in with Windows Authentication, the Web Agent returns an error 500 to the browser:

https://mymachine.example.com/siteminderagent/ntlm/creds.ntc?CHALLENGE=&SMAGENTNAME="[...] 

The Web Agent trace shows:

[11/28/2018][07:50:41][20576][104][xxxxxxx.xxxxxxx:227] 
[SmNtc::getCredentialsWinNativeAuth][xxxxxxxxxxxxxxxxxxxxxxxxxx][*xxx.xxx.xxx.xxxx][][mymachine.example.com][/] 
[][LookupAccountSid failed - 5] 

Environment

Release: 12.8-Single Sign-On-for Business Users-MSP

Resolution

  1. Check the users assigned in the following configuration, as described in the article "One thing you must do when: getting http 500.0.1346 error":

      Run -> secpol.msc -> Local Policies -> User Rights Assignment
  2. Open the "Impersonate a client after authentication" policy and make sure that the following users are set:

      Administrators 
      IIS AppPool\Net v2.0 
      IIS_IUSRS 
      LOCAL_SERVICE 
      NETWORK_SERVICE 
      SERVICE
  3. IIS should be allowed to do impersonation at the Windows OS level.
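
The check in steps 1 and 2 can also be scripted. The following is an added example, not part of the original article or the product: it exports the local user-rights policy with secedit and reports whether each account from the list above holds SeImpersonatePrivilege, the internal name of "Impersonate a client after authentication". It assumes an English-language Windows host, uses the Windows spellings of the service accounts (LOCAL SERVICE, NETWORK SERVICE), and takes the application pool name as written in the article.

```powershell
# Added example, not from the article: report who holds
# "Impersonate a client after authentication" (SeImpersonatePrivilege).
# Run from an elevated PowerShell prompt on the IIS host.

# Accounts listed in the article. The app pool name is copied as written there;
# replace it with the pool that hosts the Web Agent (assumption).
$expected = 'BUILTIN\Administrators', 'IIS AppPool\Net v2.0', 'BUILTIN\IIS_IUSRS',
            'NT AUTHORITY\LOCAL SERVICE', 'NT AUTHORITY\NETWORK SERVICE',
            'NT AUTHORITY\SERVICE'

$sidType = [System.Security.Principal.SecurityIdentifier]

function Get-SidValue([string]$Name) {
    # Resolve an account name to its SID string; $null if it does not resolve.
    try { ([System.Security.Principal.NTAccount]$Name).Translate($sidType).Value }
    catch { $null }
}

# Export only the user-rights area of the local security policy.
$cfg = Join-Path $env:TEMP ('user_rights_{0}.inf' -f [guid]::NewGuid())
secedit /export /cfg $cfg /areas USER_RIGHTS | Out-Null
if ($LASTEXITCODE -ne 0) { throw "secedit export failed ($LASTEXITCODE)" }
try {
    $match = Select-String -Path $cfg -Pattern '^SeImpersonatePrivilege\s*=' |
             Select-Object -First 1
} finally {
    Remove-Item $cfg -ErrorAction SilentlyContinue
}
if (-not $match) { throw 'SeImpersonatePrivilege has no entries in the export' }

# Entries are comma separated; SIDs carry a leading '*', plain names do not.
$holders = foreach ($entry in ($match.Line -split '=', 2)[1].Split(',')) {
    $e = $entry.Trim()
    if ($e.StartsWith('*')) { $e.TrimStart('*') } else { Get-SidValue $e }
}

# One row per account from the article: Granted, Missing, or NotFound
# (the name does not resolve on this machine).
foreach ($name in $expected) {
    $sid = Get-SidValue $name
    $status = if (-not $sid) { 'NotFound' } elseif ($holders -contains $sid) { 'Granted' } else { 'Missing' }
    [pscustomobject]@{ Account = $name; Sid = $sid; Status = $status }
}
```

A row with status Missing is an account to add under User Rights Assignment; NotFound for the application pool entry means no pool with that name exists on the host.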