Tech Tip: Cannot logon to SOI UI with AD users

Document created by Brahma Employee on Dec 10, 2015
Version 1Show Document
  • View in full screen mode

Environment:

SOI 3.3

EEM 12.51

 

Problem:

EEM is integrated with Microsoft Active Directory, this configuration is working as expected. In the SOI Console, added couple of AD users to Administrator group.

But none of the AD users are unable to access SOI UI and getting Authentication failure errors.

 

In the \SOI\SamUI\logs\soiuis-debug.log shows below exceptions...

 

     eem.EEMSSOContext.authenticateWithPassword(283)  - [Authenticate Error: Authentication Failed, Identity Attempted: <DomainName\UserFirstname.LName] com.ca.eiam.SafePasswordException: EE_AUTHFAILED Authentication Failed

     eem.EEMSSOContext.authenticateWithPassword(299)  - EEMSSOContext::authenticateWithPassword - EEM Exception while authenticating...

     EE_BADOBJECT Bad Object[resource=/sam/ui/index.jsp][username=<DomainName\UserFirstname.LName]

     eem.EEMSSOContext.authenticateWithPassword(303)  - [] com.ca.eiam.SafeException: EE_BADOBJECT Bad Object

 

Resolution:

1) Logon to EEM UI -> Configure -> User Store -> "Reference from an external LDAP Directory"

2) If "Microsoft Active Directory Forest" option is selected, then SOI users cannot be authenticated (see attached screenshot)

3) Change this option to "Basic LDAP Directory" (see attached screenshot)

4) Now, all AD users will be able to access SOI UI

Outcomes