Inability to authenticate using Active Directory.
To determine whether authentication is possible:
1. Test the connectivity with the kinit command to make sure the credentials are correct.
To determine whether authentication is possible using kinit:
Kinit is a simple command line tool. The input is username and password. It will respond back with success (some message about a new ticket) or failure and an exception. The password appears in cleartext on the screen. Customers need to be aware of this.
When set up for the first time, it may complain about a missing krb5.ini file. Modify the krb5.ini file provided in protect\config appropriately and put it at the location asked for.
2. Ensure that the user has an assigned role. Without a role, the user cannot log in to the system.
To assign a role:
If no roles are set up, you will need to set one up under Administration -> Users -> Roles. Click the Add a Role tab. Then name and define your role. Save changes when you are finished.
NOTE: If Vontu services come online before all the Oracle database services, AD logins might not work until the Vontu services are restarted. In this case, it is recommended to set the “Vontu Manager” service to have a dependency on the “Oracleservice[username]” service.
TECH220609: Tips on setting up Active Directory Authentication