search cancel

Rally - On-premises: Unable to login via LDAP when password has dollar signs

book

Article ID: 134840

calendar_today

Updated On:

Products

CA Agile Central On Premise (Rally)

Issue/Introduction

When an LDAP password contains dollar signs, there may be issues when either testing the LDAP connection from the dashboard or when end users attempt to log into the Rally application.


The symptoms vary depend on whether there is a single dollar sign in use or two dollar signs.


If a single dollar sign ($) is used, the connection test will fail when configuring from the dashboard.  You will see the following error next to the "Test Credentials" button:

LDAP authentication failed: LDAP Result Code 49 "Invalid Credentials": 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1


If two dollar signs are used together ($$), the connection test will appear to succeed, however when end users attempt to login, they will now be successful.  In the ALM logs, we will sometimes see a similar error as above.


If the end user is trying to log in, the may receive a login failure stating "The username or password you entered is incorrect".

Environment

Release :

Component : AGILE CENTRAL ON PREMISES

Resolution

A defect has been filed for this issue, however at this time, the only resolution is to update the LDAP service account password or the end user password in Active Directory so that it does not contain any dollar signs.