search cancel

Utility GUIs getting access denied when using an LDAP user

book

Article ID: 253796

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine CA Automic One Automation

Issue/Introduction

For utility GUIs that require a login like:
Client copy - ucybdbccg.exe
Archive - ucybdbarg.exe
Reorg - ucybdbreg.exe

Using an AE user like UC/UC to login to client 0 works okay, but using a LDAP connected user runs into an access denied error:

U00036157 Access denied!

The log will show something like:

20221107/110548.945 - U00036189 Logon with user 'USER/DEPT'.
20221107/110548.961 - U00036192 Logon with user 'USER/DEPT' was not successful. Access denied.

Environment

Release : 12.3, 21.0

Cause

As designed due to security

Resolution

A non-LDAP user needs to be used to login to the utility GUIs: Client Copy, Archive, Reorg

This was possible in previous versions due to a lower security setting that was in place.  In 21.0 and higher versions of 12.3 this has been removed.  The LDAP users must be able to connect to LDAP through the Automation Engine processes.  Since the utilities don't connect to the AutomationEngine processes, they cannot authenticate against LDAP.  This was possible in some previous versions, but should not have been.

Attachments