Issue:
We run Web Agent, and when the same user login within the same second, the first tentative fails as the second with the same credentials succeeds :
[Az][AzAccept][][myagent][04/Sep/2017:11:37:59 +0000][myagent]
[3+YR9IwUQAQ1gs5142aIiBm/fZk=][cn=myuser,ou=myldap,o=com][03-0005cd09-d0fc-1829-dsd4-fd130a464057]
[myrealm][06-0007b613-4645-1834-a251-fd190a4640f7][UNKNOWN][/protected/]
[GET][][][][0000000000000000000000008c8415ab-c5a8-59ad3b17-1afee700-28a576b8b5ea][]
[mydomain][][][][][]
[Auth][AuthReject][38][myagent][04/Sep/2017:11:37:59 +0000][myagent]
[56Yr3GKp9Ipcd8d7+OeVU1kLOGo=][cn=myuser,ou=myldap,o=com][03-0005cd09-d0fc-1829-dsd4-fd130a464057]
[myrealm][06-0007b613-4645-1834-a251-fd190a4640f7][UNKNOWN][/protected/]
[GET][myuserstore][master failover,master
failover,master failover,master
failover,master failover,master
failover,master failover,master
failover][LDAP:][][][mydomain][][][][][]
curl -H "Authorization: Basic bTk1MDAzNzoxMjNWbGllZ251b3Ah" -H "Cookie: SMCHALLENGE=YES" https://myhost.mydomain.com/protected/
This script runs 20 Authentications a minute;
Why is this happening? How can we fix this?
Environment:
Web Agent R12.52 SP1 CR01 on Apache 2.2 on RedHat 6.6 64 bit;
User Store on Novell eDir LDAP 8.8.8;
Cause:
This issue occurs because the Policy Server tries to update a field that the Novell LDAP Server hasn't replicated completely.
Resolution:
Disable "Track successful logins" on the password policies to solve this issue, or tune the LDAP Server replication to cope with the load you put on the environment.
KB : kb000075010