Login Authentication error in im.AuthenticationModule failed to disambiguate user NamingException: JBAS011843 LDAP: error code 52 - Unavailable
Article ID: 97170
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
Issue/Introduction
Errors below occur intermittently when users log in.
2018-05-14 12:45:21,837 ERROR [ims.llsdk.directory.jndi] (default task-14) Search failed with filter (&(abcMLoginId=imadmin)(&(objectclass=abctUser)(objectclass=abcUserAux)))
2018-05-14 12:45:21,837 ERROR [im.AuthenticationModule] (default task-14) Failed to disambiguate user imadmin. Error Message: javax.naming.NamingException: JBAS011843: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "deployment.iam_im.ear.user_console.war:main" from Service Module Loader [Root exception is javax.naming.ServiceUnavailableException: [LDAP: error code 52 - Unavailable]]
2018-05-14 12:45:21,837 DEBUG [ims.frameworkLogin] (default task-14) Login failure: Unable to process logins. Please contact your administrator.
2018-05-14 12:45:21,837 ERROR [ims.llsdk.directory.jndi] (default task-14) Search failed with filter (&(abcMLoginId=imadmin)(&(objectclass=abctUser)(objectclass=abcUserAux)))
2018-05-14 12:45:21,837 ERROR [im.AuthenticationModule] (default task-14) Failed to disambiguate user imadmin. Error Message: javax.naming.NamingException: JBAS011843: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "deployment.iam_im.ear.user_console.war:main" from Service Module Loader [Root exception is javax.naming.ServiceUnavailableException: [LDAP: error code 52 - Unavailable]]
2018-05-14 12:45:21,837 DEBUG [ims.frameworkLogin] (default task-14) Login failure: Unable to process logins. Please contact your administrator.
Environment
Release:
Component: IDMGR
Component: IDMGR
Cause
The errors indicate that the login fails because the user directory is unavailable for authenticating the user (note "LDAP: error code 52- Unavailable" in the error messages).
The LDAP that is unavailable refers to the imsDirectory, the user directory for the environment. It appears that the user directory is intermittently unavailable, perhaps due to high load for example
The LDAP that is unavailable refers to the imsDirectory, the user directory for the environment. It appears that the user directory is intermittently unavailable, perhaps due to high load for example
Resolution
Check the health of the user directory and verify that it is available to serve requests.
Feedback
Yes
No
Powered by
