SiteMinder bind to User Directory fails partially with Error 49 - Invalid credentials

book

Article ID: 26630

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

Binding to a user directory fails with Error 49 - Invalid Credentials even though the credentials are valid.

Please clarify why this is happening.

Solution:

The invalid credentials results from a persistent connection to the user directory.

SiteMinder uses persistent connections to avoid incurring the overhead of a new TCP connection everytime a request is made.

The solution is to restart Siteminder after making changes to the authentication credentials of the User Directory. This will force all the connections to close and on restart Siteminder will establish new ones.

The log will usually show the following error:

SmDsLdapConnMgr Bind. Server ldap.example.com:389. Error 49 - Invalid credentials.

Environment

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component: