Unable to Login with LDAP - Error: CMN-01002

book

Article ID: 196555

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

A user is not able to log in using External Authentication / LDAP / Active Directory though other users can. 

Error:

CMN-01002: User name or password is invalid or account is locked. Note that passwords are case-sensitive. If problem continues, contact your administrator.

We've tried using different email addresses and changing passwords to see if that helps but it doesn't. The user is able to use the same credentials to login to everything else on the network.

Error seen in the app-ca.logs:

ERROR 2020-07-29 09:12:54,039 [https...] directory.LDAPDirectoryService (clarity:unknown:none:security.loginAction) 

Authentication failed for::CN=userID,OU=Standard Users,OU=Corp Users,DC=CORP,DC=AD,DC=company,DC=COM::due to this reason::[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 ]

Cause

This can be due to an invalid password or locked ldap user account password

Environment

Release : All Supported Releases

Component : CA PPM INTEGRATIONS & INSTALLATIONS

Resolution

  1. Check to make sure the LDAP Password is not locked
  2. Check to also make sure the user is using the correct LDAP password
    • If External authentication is checked, make sure the user is using their LDAP/network password.
    • If it's not checked, they should be using their Clarity password
  3. If the above doesn't help, work with your internal network team to check for any issues. One thing can help is working with your LDAP team using jxplorer to test the user credentials to active directory

Additional Information

Searching for known Clarity Issues using Self Service