- Community Home
- >
- Networking
- >
- IMC
- >
- IMC v7.3 authentication server fail (LDAP)
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2017 07:48 PM
07-20-2017 07:48 PM
IMC v7.3 authentication server fail (LDAP)
I have been confirguration completed but when log on via user in AD then error
Authentication server is not available. Please contact the administrator.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-21-2017 11:33 AM
07-21-2017 11:33 AM
Re: IMC v7.3 authentication server fail (LDAP)
If you are using AD as your LDAP server then you need to set Microsoft Active Directory as server type and sAMAccountName as Username attribute.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2017 11:12 AM
08-04-2017 11:12 AM
Re: IMC v7.3 authentication server fail (LDAP)
While youre correct, you are also incorrect.
I have that setup properly but, I too get the same error, Authentication server is not available. I also get bits in the log about a Java certificate that is missing ont he DC. That seems odd to me.
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.servlet.filters.UrlAccessController::doFilter] Access URL With No OperatorInfo: /imc/login.jsf?null from 10.5.2.18
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.ext.beans.CommonExtensionManagedBean::filterExtensionConfigsForAppVersion] current version is not app version.current perspectiveId is empty.
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.ext.beans.CommonExtensionManagedBean::filterExtensionConfigsForAppVersion] current version is not app version.current perspectiveId is empty.
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.ext.beans.CommonExtensionManagedBean::filterExtensionConfigsForAppVersion] current version is not app version.current perspectiveId is empty.
2017-08-04 11:55:18 [INFO ] [Thread-64] [com.imc.ntam.config.ntatask.func.NoneConfigInfoReceiver::run] this.msgQueue.poll() : 0
2017-08-04 11:55:18 [INFO ] [Thread-64] [com.imc.ntam.config.ntatask.func.NoneConfigInfoReceiver::run] NoneConfigInfoReceiver run 0
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.ext.beans.CommonExtensionManagedBean::filterExtensionConfigsForAppVersion] current version is not app version.current perspectiveId is empty.
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.ext.beans.CommonExtensionManagedBean::filterExtensionConfigsForAppVersion] current version is not app version.current perspectiveId is empty.
2017-08-04 11:55:18 [WARN ] [http-nio-8080-exec-4] [com.imc.ext.beans.CommonExtensionManagedBean::filterExtensionConfigsForAppVersion] current version is not app version.current perspectiveId is empty.
2017-08-04 11:55:18 [ERROR] [http-nio-8080-exec-4] [com.imc.plat.operator.func.LdapUtils::authenticate] Failed to connect to LDAP Server
javax.naming.CommunicationException: simple bind failed: 10.0.128.33:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:218)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
at javax.naming.InitialContext.init(InitialContext.java:242)
at javax.naming.InitialContext.<init>(InitialContext.java:216)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
at com.imc.plat.operator.func.LdapUtils.authenticate(LdapUtils.java:192)
at com.imc.plat.operator.func.OperatorAuthMgrLdapImpl.authenticate(OperatorAuthMgrLdapImpl.java:55)
at com.imc.plat.operator.func.OperatorMgrImpl.localAuthentic(OperatorMgrImpl.java:2578)
at com.imc.plat.operator.func.OperatorMgrImpl.login(OperatorMgrImpl.java:2072)
at sun.reflect.GeneratedMethodAccessor3946.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy52.login(Unknown Source)
at com.imc.plat.operator.view.OperatorBean.onLogin(OperatorBean.java:1632)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.el.parser.AstValue.invoke(AstValue.java:279)
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:273)
at org.apache.myfaces.view.facelets.el.ContextAwareTagMethodExpression.invoke(ContextAwareTagMethodExpression.java:96)
at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:68)
at javax.faces.component.UICommand.broadcast(UICommand.java:120)
at javax.faces.component.UIViewRoot._broadcastAll(UIViewRoot.java:1041)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:289)
at javax.faces.component.UIViewRoot._process(UIViewRoot.java:1415)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:765)
at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:38)
at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:170)
at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:197)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.primefaces.webapp.filter.FileUploadFilter.doFilter(FileUploadFilter.java:79)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.imc.servlet.filters.FileUploadEncodingFilter.doFilter(FileUploadEncodingFilter.java:29)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:436)
at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:177)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.imc.filter.ImcBrowserCacheInvalidFilter.doFilter(ImcBrowserCacheInvalidFilter.java:66)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.imc.filter.ImcNoEtagFilter.doFilter(ImcNoEtagFilter.java:47)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.imc.filter.ImcExpiresFilter.doFilter(ImcExpiresFilter.java:830)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.imc.servlet.filters.UrlAccessController.doFilter(UrlAccessController.java:480)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1760)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1719)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:709)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:431)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:404)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:358)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:213)
... 87 more
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:384)
at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:134)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.validator.Validator.validate(Validator.java:236)
at com.imc.plat.operator.LdapX509TrustManager.validate(LdapX509TrustManager.java:101)
at com.imc.plat.operator.LdapX509TrustManager.checkServerTrusted(LdapX509TrustManager.java:82)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:885)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
... 100 more
2017-08-04 11:55:18 [INFO ] [http-nio-8080-exec-4] [com.imc.plat.operlog.func.OperationLogMgrImpl::insertLog] moduleId: 3, description: Operator logged in.
2017-08-04 11:55:18 [INFO ] [http-nio-8080-exec-4] [com.imc.plat.operlog.func.OperationLogMgrImpl::insertLog] [OperationLog] Operator:langlej,IP Address:10.5.2.18,Module Name:Platform,Operation:Operator logged in.,Result:FAILURE
2017-08-04 11:55:18 [INFO ] [http-nio-8080-exec-4] [com.imc.res.device.dao.ResUsedLicenseCount::getUsedCount] resp.vcfPECount is : 0
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2017 12:08 PM
08-04-2017 12:08 PM
Re: IMC v7.3 authentication server fail (LDAP)
I'll try and correct.
The OP did not have require SSL checked. And if SSL is NOT checked, then it will work as I orginally described.
It looks like you have checked SSL, based on the logs, correct?
Assuming that is the case, if you check SSL you must:
- Change the port to 636 - this is the cause of server not available message
- Export the Root Certificate for your AD domain from the domain controller (not the DC's cert) and upload to IMC
If the wrong cert is uploaded the message will change to wrong authentication file or something like that.
Hopefully that helps - I have verified both SSL and non SSL configuration on my system, so if you are still having issues, there is some other problem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2017 04:56 AM
08-08-2017 04:56 AM
Re: IMC v7.3 authentication server fail (LDAP)
That has been the setup since the change to AD was made and yet, I still get the error of "Authentication server is not available. Please contact the administrator."
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2017 10:01 AM
08-08-2017 10:01 AM
Re: IMC v7.3 authentication server fail (LDAP)
Same issue on port 389 (no ssl) as 636? For me that message indicated no traffic on port when I tested it.
Check windows firewall on both IMC and AD. Turn it off to verify or use wireshark
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-08-2018 06:13 AM
05-08-2018 06:13 AM
Re: IMC v7.3 authentication server fail (LDAP)
Hi. I have this same error. I use SSL connection with dc cert and port 636.
I solved this problem after analyses auth logs. It is JAVA problems. Change field "Admin DN" to formats user.name@dc.com(implat@imc.com). It is helped me.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-09-2018 02:30 AM
05-09-2018 02:30 AM
Re: IMC v7.3 authentication server fail (LDAP)
Thanks! That did the trick here too! :)