ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Not able to login to Service Desk EIAM authentication timeout

book

Article ID: 212420

calendar_today

Updated On:

Products

CA Service Desk Manager

Issue/Introduction

Service Desk is configured to use EIAM authentication and all users can't log in. End users will receive time out error when try to log in.

Messages like these are logged in Service Desk stdlog

04/08 11:03:33.29 SDM-server      bopauth_nxd          4740 ERROR        bopauthobj.c           836 Could not create auth thread.
04/08 11:03:36.01 SDM-server      bopauth_nxd          4740 ERROR        bopauthobj.c           836 Could not create auth thread.
04/08 11:03:40.28 SDM-server      bopauth_nxd          4740 ERROR        bopauthobj.c           836 Could not create auth thread.
04/08 11:03:43.49 SDM-server      bopauth_nxd          4740 ERROR        eiamAuth.c             477 Error authenticating user: 'the-userid' - EE_AUTHFAILED Authentication FailedISP_ERROR_NOGATEWAY igateway not running - took '2629794' miliseconds.

pdm_status shows all Service Desk processes are up and running.

Remote EIAM app is up and running as testing users can log in EIAM UI with the same user name and password on the EIAM server. However, when try to bring up the EIAM UI from Service Desk server page not found error occurs.

Network monitor shows the EIAM port(default is 5250) is open as the network engineer can see Service Desk sends request bytes to EIAM server via the EIAM port. However, 0 bytes is sent  from EIAM server to Service Desk server. So it seems there is no network firewall issue.

Cause

EIAM server has the firewall turned on that blocks the EIAM port.

There are a couple of reasons the server firewall is on---it could be system administrators perform some security check and action, it could be some server security patch installation automatically blocks the "unsecure" ports, it could be some rollback of server due to some system issue and so on.

Environment

Release : 17.1/17.2/17.3, EIAM on windows server 

Component : CA Embedded Entitlements Manager

Resolution

Disable the firewall on EIAM server for the EIAM port(default is 5250).