Not able to login with 'admin' user in Management UI

Article ID: 272105

Products

CA Directory

Issue/Introduction

After installing Symantec Directory Manager, you are not able to log in to the Management UI as the 'admin' user.

The apps.log file under $DXUIHOME/logs reports the following errors:

{"level":"info","message":"Creating LDAP connection to \"ldaps://mgmt_ui_host_name:10389\""}
{"level":"error","message":": Connection error when trying to connect, error: Error: Client network socket disconnected before secure TLS connection was established"}
{"id":"dcbe1XXXXXXb7ce0","level":"error","message":"Acquiring an LDAP connection from the pool: failed to acquire an LDAP connection, error: Error: Client network socket disconnected before secure TLS connection was established"}
{"level":"info","message":"Creating LDAP connection to \"ldaps://mgmt_ui_host_name:10389\""}
{"id":"dcbe1XXXXXXb7ce0","level":"error","message":"Load email configurations for all environments with email notification enabled: error - Error: Server operation failed"}
{"level":"error","message":": Connection error when trying to connect, error: Error: Client network socket disconnected before secure TLS connection was established"}
{"id":"a8b9XXXXXXX12b7","level":"error","message":"Acquiring an LDAP connection from the pool: failed to acquire an LDAP connection, error: Error: Client network socket disconnected before secure TLS connection was established"}
{"level":"error","message":": Connection error when trying to connect, error: Error: Client network socket disconnected before secure TLS connection was established"}
...
...
{"level":"info","message":"Local user authentication"}
{"level":"info","message":"Authenticating user \"admin\" ..."}
{"level":"info","message":"Authenticating user \"admin\" ...: authenticating user against server \"ldaps://mgmt_ui_host_name:10389\""}
{"level":"error","message":"Authenticating user \"admin\" ...: Connection error when trying to connect to LDAP server, error: Error: Client network socket disconnected before secure TLS connection was established"}
{"level":"info","message":"::ffff:XX.XX.XX.XXX - - [21/Aug/2023:16:21:33 +0000] \"POST /login HTTP/1.1\" 500 2\n"}
{"level":"info","message":"::ffff:XX.XX.XX.XXX - - [21/Aug/2023:16:21:33 +0000] \"GET /assets/lib/img/small-spinner.gif HTTP/1.1\" 200 673\n"}
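An added example (not part of the original article or of the product): a small Python triage over apps.log lines that counts the TLS connection failures per LDAPS endpoint and checks whether a failed POST /login was logged as well. The sample lines and the IP address are constructed from the excerpt above; attributing each error to the most recently logged endpoint is an assumption, because the error lines do not name one.

```python
import json
import re

TLS_ERR = "Client network socket disconnected before secure TLS connection was established"
ENDPOINT_RE = re.compile(r'(ldaps?://[^\s"]+)')
AUTH_RE = re.compile(r'Authenticating user "([^"]+)"')
LOGIN_500_RE = re.compile(r'"POST /login HTTP/[\d.]+" 500 ')

# Constructed sample, modelled on the apps.log excerpt in this article.
SAMPLE = [
    r'{"level":"info","message":"Creating LDAP connection to \"ldaps://mgmt_ui_host_name:10389\""}',
    r'{"level":"error","message":": Connection error when trying to connect, error: Error: Client network socket disconnected before secure TLS connection was established"}',
    '...',
    r'{"level":"info","message":"Authenticating user \"admin\" ...: authenticating user against server \"ldaps://mgmt_ui_host_name:10389\""}',
    r'{"level":"error","message":"Authenticating user \"admin\" ...: Connection error when trying to connect to LDAP server, error: Error: Client network socket disconnected before secure TLS connection was established"}',
    r'{"level":"info","message":"::ffff:192.0.2.10 - - [21/Aug/2023:16:21:33 +0000] \"POST /login HTTP/1.1\" 500 2\n"}',
]

def triage(lines):
    """Summarise apps.log lines for the failure pattern shown in this article."""
    result = {"tls_failures": {}, "failed_users": set(), "login_500": 0}
    endpoint = "unknown"  # last LDAP(S) URL seen in the log (assumed target of later errors)
    for raw in lines:
        try:
            msg = json.loads(raw).get("message", "")
        except (ValueError, AttributeError):
            continue  # elided ("...") or non-JSON line
        if not isinstance(msg, str):
            continue
        found = ENDPOINT_RE.search(msg)
        if found:
            endpoint = found.group(1)
        if TLS_ERR in msg:
            counts = result["tls_failures"]
            counts[endpoint] = counts.get(endpoint, 0) + 1
            user = AUTH_RE.search(msg)
            if user:
                result["failed_users"].add(user.group(1))
        if LOGIN_500_RE.search(msg):
            result["login_500"] += 1
    # Pattern from the article: TLS failures towards the DSA plus a 500 on /login.
    result["matches_article"] = bool(result["tls_failures"] and result["login_500"])
    return result

if __name__ == "__main__":
    print(triage(SAMPLE))
```

To run it against a real log, pass the open file object for $DXUIHOME/logs/apps.log to `triage()` in place of `SAMPLE`.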

Environment

Release : 14.1

Resolution

The problem is caused by missing DSA personality certificates for the two DSAs that Directory Manager uses.

i.e.
hostname-management-ui
hostname-monitoring-management-ui

Check the $DXHOME/config/ssld/personalities folder on this Directory Manager host to confirm whether the following certificates are present:

hostname-management-ui.pem
hostname-monitoring-management-ui.pem

If the certificates are missing, recreate them using the following commands:

dxcertgen -i "CN=GenCA,O=MgmtUI,C=AU" -D "hostname-management-ui" certs

dxcertgen -i "CN=GenCA,O=MonitorMgmtUI,C=AU" -D "hostname-monitoring-management-ui" certs

NOTE: Replace 'hostname-management-ui' and 'hostname-monitoring-management-ui' with your actual DSA names. If you are not sure of them, run the 'dxserver status' command at the system prompt to get the exact names of these DSAs.

Further information/reference can be found in our Directory online product documentation at:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/directory/14-1/administrating/troubleshooting-ca-directory/creating-directory-manager-certificates-after-expiration.html