LDAP unable to login to our v3.7 CAPC console, Receiving 'unable to authenticate user' error
search cancel

LDAP unable to login to our v3.7 CAPC console, Receiving 'unable to authenticate user' error


Article ID: 145862


Updated On:


CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps


When an LDAP user tries to login to the CAPC console, they get an error:

'unable to authenticate user'

This was working fine a few days ago.

Tried to test the LDAP user in SsoConfig, and we fail:

Could not obtain a DirectoryContext.

javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09056D, comment: AcceptSecurityContext error, data 52e, v2580]

Logon failure: unknown user name or bad password.

Bind to the directory failed.


Release : 3.7

Component : IM Reporting / Admin / Configuration


In SsoConfig there are 2 types of settings:

  1. Remote Value

These settings are propagated to all other CA products and data sources that are registered to this instance of Performance Center. This includes the Event Manager in Performance Center, which embeds the URL of Performance Center. Performance Center uses Remote Value settings only if a corresponding Local Override value is not present.

  1. Local Override

Overrides a setting on this Performance Center instance, which does not propagate to other CA products and data sources (including Event Manager) registered to this instance of Performance Center. Local Override takes precedence over both the Remote Value and default settings.


For LDAP use ‘Remote Value’ so that the values are passed to the LDAP server.

‘Local Override’ should be all blank.
Here we see that someone had edited the Local Override values:


In this case, we see that the user bind setting had been accidentally set to enabled.

Use SsoConfig to reset the Local Override.

and now the settings will use the Remote Value as desired:


Additional Information