LDAP password credentials not found for user in CA Strong Authentication

book

Article ID: 132008

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication

Issue/Introduction



Profile SSOLDAPQUEST is set for GLOBALLINK org which has LDAP and use Questions and Answers LDAP User gets redirected to profile setup page and asked to authenticate with password , but fails seeing error inarcotafm.log

2019-05-09 12:37:52,429 [ajp-nio-9303-exec-7] DEBUG integrations.frontend.LifeCycleStateData(700) -> Decide migration entering create function for credential LDAP |20190509123736.775.842ab660 2019-05-09 12:37:52,430 [ajp-nio-9303-exec-7] DEBUG integrations.frontend.LifeCycleStateData(700) -> Invoking: com.arcot.integrations.frontend.tasks.lifecycle.VerifyLDAPCredentials |20190509123736.775.842ab660 2019-05-09 12:37:52,430 [ajp-nio-9303-exec-7] DEBUG integrations.frontend.LifeCycleStateData(700) -> Calling PasswordAuth for (user,org)=(globallink,GLOBALLINK) |20190509123736.775.842ab660 2019-05-09 12:37:52,430 [ajp-nio-9303-exec-7] INFO api.impl.TxnMarker(30) -> Txn-Begin : OP=verifyPlain | CTxID=_S2F4_1_74 2019-05-09 12:37:52,460 [ajp-nio-9303-exec-7] INFO api.impl.TxnMarker(44) -> Txn-End : OP=verifyPlain | CTxID=_S2F4_1_74 | STxID=210 | RC=5800 | REC=0 | TOT=29 | SRT=59 | TGC=0 | TRC=0 | TWR=0 | TRD=22 | TCR=-1 | RTC=0 | NCA=-1 | NCB=-1 2019-05-09 12:37:52,460 [ajp-nio-9303-exec-7] WARN integrations.frontend.LifeCycleStateData(716) -> LDAP password credentials not found for user, server transaction id=210: The credential was not found for the user ( GLOBALLINK ). |20190509123736.775.842ab660 2019-05-09 12:37:52,461 [ajp-nio-9303-exec-7] DEBUG integrations.frontend.LifeCycleStateData(700) -> 707063252: User not found in LDAP.: (user,org)=(globallink,GLOBALLINK) |20190509123736.775.842ab660 2019-05-09 12:37:52,461 [ajp-nio-9303-exec-7] DEBUG integrations.frontend.LifeCycleStateData(700) -> Decide migration exiting create function for credential LDAP |20190509123736.775.842ab660 2019-05-09 12:37:52,461 [ajp-nio-9303-exec-7] DEBUG integrations.frontend.LifeCycleStateData(700) -> Decide migration execution ends. |20190509123736.775.842ab660

Environment

CA SSO 12.7 configured with CA Adapter for CA AA 9.0 - both running on Linux

Resolution

Please follow the below steps to resolve the issue.

1. Login to Admin console with global admin privileges. 
2. Go to organizations tab and search for the organization -> click on the organization used for the 
    User base -> Click on Strong Authentication tab.
3. On left panel go to link Assign Default Configurations.
4. Look for Credential Type Resolution Configuration : and then from drop down choose 
    VerifyLDAPPassword option and save the configuration. 
5. Refresh the cache by going to Services and server configuration -> Administration console tab. 
6. Test the flow again using application or validate it with CA Strong Auth sample application -> Miscellaneous -> Verify Plain.