When putting load on our environment, Policy Server reports randomly authreason 38
book
Article ID: 75010
calendar_today
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
AXIOMATICS POLICY SERVER
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Show More
Show Less
Issue/Introduction
We run Web Agent, and when the same user login within the same second, the first tentative fails as the second with the same credentials succeeds : [Az][AzAccept][][myagent][04/Sep/2017:11:37:59 +0000][myagent] [3+YR9IwUQAQ1gs5142aIiBm/fZk=][cn=myuser,ou=myldap,o=com][03-0005cd09-d0fc-1829-dsd4-fd130a464057] [myrealm][06-0007b613-4645-1834-a251-fd190a4640f7][UNKNOWN][/protected/] [GET][][][][0000000000000000000000008c8415ab-c5a8-59ad3b17-1afee700-28a576b8b5ea][] [mydomain][][][][][] [Auth][AuthReject][38][myagent][04/Sep/2017:11:37:59 +0000][myagent] [56Yr3GKp9Ipcd8d7+OeVU1kLOGo=][cn=myuser,ou=myldap,o=com][03-0005cd09-d0fc-1829-dsd4-fd130a464057] [myrealm][06-0007b613-4645-1834-a251-fd190a4640f7][UNKNOWN][/protected/] [GET][myuserstore][master failover,master failover,master failover,master failover,master failover,master failover,master failover,master failover][LDAP:][][][mydomain][][][][][] curl -H "Authorization: Basic bTk1MDAzNzoxMjNWbGllZ251b3Ah" -H "Cookie: SMCHALLENGE=YES" https://myhost.mydomain.com/protected/ This script runs 20 Authentications a minute; Why is this happening? How can we fix this?
Cause
This issue occurs because the Policy Server tries to update a field that the Novell LDAP Server hasn't replicated completely.
Environment
Web Agent R12.52 SP1 CR01 on Apache 2.2 on RedHat 6.6 64 bit; User Store on Novell eDir LDAP 8.8.8;
Resolution
Disable "Track successful logins " on the password policies to solve this issue, or tune the LDAP Server replication to cope with the load you put on the environment.
Feedback
thumb_up
Yes
thumb_down
No