UVMS LDAP Account Lockout due to Multiple Authentication Retries on Single Login Failure:
search cancel

UVMS LDAP Account Lockout due to Multiple Authentication Retries on Single Login Failure:

book

Article ID: 433465

calendar_today

Updated On:

Products

CA Automic Dollar Universe

Issue/Introduction

When an LDAP user attempts to log in with an incorrect password, the Univiewer Management Server (UVMS) triggers multiple authentication attempts for that single login request. This behavior leads to the user account being prematurely locked out in the Active Directory/LDAP directory due to the threshold for failed attempts being exceeded.

Expected Behavior: A single login attempt with an incorrect password should result in one authentication failure.

Actual Behavior: A single login attempt triggers several backend authentication requests, resulting in an account lockout (LDAP error code 49 with data 775).

Environment

 

  • Product: Univiewer Management Server (UVMS)

  • Version: v7.01.11

  • Authentication Type: LDAP / Active Directory

 

Cause

This issue is identified as a software defect where the authentication logic does not properly terminate after the first failure.

  • Defect ID: DE181985

Resolution

A formal fix for this behavior is planned for a future release.

  • Fixed Version: Univiewer Management Server(UVMS) and Unviewer Console(UVC) 7.01.21 . Please note that both UVMS and UVC must be updated.

  • Release Date: No tentative delivery date has been set at this time.

Additional Information

Public Title: Prevent account lockout if the password is wrong

Public Description: Changed the LDAP login process code to quit immediately if the password is wrong, preventing account lockouts

Powered by Wolken Software