search cancel

When putting load on our environment, Policy Server reports randomly authreason 38


Article ID: 75010


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We run Web Agent, and when the same user login within the same second, the first tentative fails as the second with the same credentials succeeds :
  [Az][AzAccept][][myagent][04/Sep/2017:11:37:59 +0000][myagent] 

  [Auth][AuthReject][38][myagent][04/Sep/2017:11:37:59 +0000][myagent] 
  [GET][myuserstore][master failover,master 
  failover,master failover,master 
  failover,master failover,master 
  failover,master failover,master 

  curl -H "Authorization: Basic bTk1MDAzNzoxMjNWbGllZ251b3Ah" -H "Cookie: SMCHALLENGE=YES" 

  This script runs 20 Authentications a minute; 

Why is this happening? How can we fix this? 


This issue occurs because the Policy Server tries to update a field that the Novell LDAP Server hasn't replicated completely.


Web Agent R12.52 SP1 CR01 on Apache 2.2 on RedHat 6.6 64 bit; 
User Store on Novell eDir LDAP 8.8.8;


Disable "Track successful logins" on the password policies to solve this issue, or tune the LDAP Server replication to cope with the load you put on the environment.