Issue/Introduction:
Users cannot login to the application due to misconfiguration of the Active Directory (AD) lookup. The domain dropdown is available but no one can log in to the application, including the Administrator.
The following error may be present in the Tomcat log:
09 May 2012 11:46:43,512- Thread: 14 SEVERE [com.vontu.enforce.authentication.kerberos.KerberosAuthenticationService] Default KDC not set
09 May 2012 11:46:43,525- Thread: 14 SEVERE [com.vontu.enforce.authentication.AuthenticationServiceFactory] Unable to initialize the EnforceAuthenicationService
Resolution:
The Active Directory (AD) lookup must be reconfigured and the Manager restarted.
To resolve the access issue:
- In SQL*Plus: update attribute set value='false' where name='KerberosAuthOn'
- At the SQL prompt type: commit;
- Restart the Vontu Enforce server. The SQL statement turns AD auth off and Enforce goes back to regular authentication with Vontu credentials. The validation check is:
select * from attribute where name='KerberosAuthOn';
You should see the new 'false' value as shown in the following example:
-----------------
C:\Documents and Settings\Administrator>sqlplus protect/[email protected]
SQL*Plus: Release 10.2.0.2.0 - Production on Thu Apr 12 11:40:01 2007
Copyright (c) 1982, 2005, Oracle. All Rights Reserved.
Connected to:
Oracle Database 10g Release 10.2.0.2.0 - Production
SQL> update attribute set value='false' where name='KerberosAuthOn';
1 row updated.
SQL> commit;
Commit complete.
SQL> select * from attribute where name='KerberosAuthOn';
ATTRIBUTEID NAME
----------- ----------------------------------------------------------
VALUE
----------------------------------------------------------------------
SETTINGID
----------
134 KerberosAuthOn
false
7
SQL> exit
Disconnected from Oracle Database 10g Release 10.2.0.2.0 - Production