User locking at login failure

I have set for user locking 30 minutes after 6 fail attempts, in both password and question logins. Anyway, I realize that there are 2 different treatments as below:
1. when user fails to login with password after n times, user is locked for 30 minutes. User is unlocked correctly after 30 minutes.
2. when user fails to login with questions after n times, user is locked for good!
I don't understand why IdM treats both cases differently. Does anyone know how to treat the 2nd case just like the 1st case above?

Hi,
// check whether the user belongs to particular role
IWDClientUser wduser = WDClientUser.getCurrentUser();
  IUser user= wduser.getSAPUser();
     IUserAccount userAcc=usr.getUserAccounts()[0];
if(userACC.isMemberOfRole("",true)){
//check
For ref:
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/security-and-identity-management/p-r/protecting%20access%20to%20the%20web%20dynpro%20car%20rental%20application%20using%20ume%20permissions.pdf
Regards,
Naga

Similar Messages

  • Locking user after multiple login failures

    I want to be able to check that a user isn't trying to bombard the server with multiple login requests. So what would be the best way to check, and set lets say 3 tries or you're out for a user?
    Thanks in advance

    I can think of three ways:
    1: Store log-in attempts in the HttpSession but doesn't help if client uses a new browser and thus a new session.
    2: Store log-in attempts in a persisted cookie. Will also need to set a cookie with the date/time of the last attempt to be able to unlock the PC.
    3: Store the log-in attempts in a DB. Again need to store the date/time of the last attempt. Problem is connecting a userId's to the actual user.
    My choice would be #2 combined with #1. If a user has disabled cookies I would use the session otherwise I would use the cookies.

  • TB V31.0 SMTP user name has extraneous characters at end causes SMTP login failure

    Ubuntu 14.04 LTS with Thunderbird. TB updated recently to V31.0 and SMTP login problems started.
    Worked fine before update. ISP BTinternet.com in UK. Removed and reinstalled Accounts and checked and changed passwords in attempt to resolve problem. Web access works fine so account is OK.
    TB SMTP Log shows extra characters in SMTP user login name causing login failure. Have deleted SMTP account and recreated but error still there.
    Here is an extract from the TB SMTP log. User name is [email protected], but you can see that there are extra characters at the end.
    -1492797568[7fe4a5d17580]: trying auth method 0x200
    -1492797568[7fe4a5d17580]: SMTP entering state: 16
    -1492797568[7fe4a5d17580]: SMTP AuthLoginStep1() for [email protected]@`sÿ£ä
    -1492797568[7fe4a5d17580]: PLAIN auth
    -1492797568[7fe4a5d17580]: Logging suppressed for this command (it probably contained authentication information)
    -1492797568[7fe4a5d17580]: SMTP entering state: 0
    -1492797568[7fe4a5d17580]: SMTP Response: 535 invalid user ID or password
    -1492797568[7fe4a5d17580]: SMTP entering state: 18
    -1492797568[7fe4a5d17580]: SMTP Login response, code 535
    -1492797568[7fe4a5d17580]: marking auth method 0x200 failed ..
    How to edit the SMTP username string to remove these extraneous characters?
    Any help appreciated.
    Paul_B

    Hi Matt,
    Thanks for replaying.
    Not that I am aware of. This is ubuntu 14.04 LTS so there is no anti virus software running and no proxy. Straight to my broadband router and out to the wide world.
    I'm currently tryinf to trace where the login string is stored to see if I can clean it up there.
    Paul B

  • User locks out, due to 5 invalid login attempts after the server running

    Hi ,
    I HAC on WLS 10.3.2 (Oracle Solaris on x86-64 (64-bit)).
    user locks out, due to 5 invalid login attempts just after the server comes into running state.
    But the strange thing is Customer is not trying to login into it.
    we unlocked the user, after logging into the console with a different user.
    Customer knows the username and password
    Still the issue appears after few minutes.
    Below are the logs:
    ####<Oct 5, 2010 2:41:36 PM SGT> <Notice> <WebLogicServer> <STG-DS11> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-0000000000000005> <1286260896734> <BEA-000329> <Started WebLogic Admin Server "AdminServer" for domain "IDMDomain" running in Production Mode>
    ####<Oct 5, 2010 2:41:36 PM SGT> <Notice> <WebLogicServer> <STG-DS11> <AdminServer> <main> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-0000000000000003> <1286260896843> <BEA-000365> <Server state changed to RUNNING>
    ####<Oct 5, 2010 2:41:36 PM SGT> <Notice> <WebLogicServer> <STG-DS11> <AdminServer> <main> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-0000000000000003> <1286260896846> <BEA-000360> <Server started in RUNNING mode>
    ####<Oct 5, 2010 2:41:36 PM SGT> <Info> <J2EE> <STG-DS11> <AdminServer> <[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-0000000000000006> <1286260896848> <BEA-160151> <Registered library Extension-Name: bea_wls_async_response (JAR).>
    ####<Oct 5, 2010 2:41:37 PM SGT> <Info> <EJB> <STG-DS11> <AdminServer> <[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-0000000000000006> <1286260897879> <BEA-010008> <EJB Deploying file: mejb.jar>
    ####<Oct 5, 2010 2:41:39 PM SGT> <Info> <EJB> <STG-DS11> <AdminServer> <[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-0000000000000006> <1286260899932> <BEA-010009> <EJB Deployed EJB with JNDI name ejb.mgmt.MEJB.>
    ####<Oct 5, 2010 2:42:35 PM SGT> <Info> <Health> <STG-DS11> <AdminServer> <weblogic.GCMonitor> <<anonymous>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-000000000000000c> <1286260955961> <BEA-310002> <50% of the total memory in the server is free>
    ####<Oct 5, 2010 2:43:35 PM SGT> <Info> <Health> <STG-DS11> <AdminServer> <weblogic.GCMonitor> <<anonymous>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-000000000000000c> <1286261015987> <BEA-310002> <71% of the total memory in the server is free>
    ####<Oct 5, 2010 2:46:09 PM SGT> <Notice> <Security> <STG-DS11> <AdminServer> <ExecuteThread: '3' for queue: 'weblogic.socket.Muxer'> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-000000000000001b> <1286261169575> <BEA-090078> <User weblogic in security realm myrealm has had 5 invalid login attempts, locking account for 30 minutes.>
    ####<Oct 5, 2010 2:46:24 PM SGT> <Info> <Server> <STG-DS11> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <21524a931a3e4d99:45f2a2df:12b7b1fb09c:-8000-000000000000001d> <1286261184189> <BEA-002635> <The server "wls_ods1" connected to this server.>
    Thanks,
    Daniel

    User weblogic in security realm myrealm has had 5 invalid login attempts, locking account for 30 minutes.The customer knows the weblogic password?

  • How to see / limit consecutive login failures?

    Hi, our server is running 10.4.7 server.
    In terms of hardening the machine against attacks, is there be default a limit to the number of failed logins that occur before an account is locked in some way?
    If not, is there a way to turn ON that security feaure?
    Where are login failures logged?
    Thanks!

    Yes, you can set a limit to login failures. The following assumes that you are using Open Directory and that your users are authenticating against the server's Open Directory database.
    For global policies =
    Open Server Admin > for the proper server select Open Directory > select Policy > select Passwords > adjust settings
    For a single user = this will override global policies listed above
    Open Workgroup Manager > browse users > select the account you wish to manage > Select the Advanced user settings > select Options > dialog box gives ability to limit access in a variety of ways.
    Authentication is logged =
    Server Admin > Open Directory > Logs > Password service server log

  • User Locking out in LDAP

    I guess it's common problem in LDAP. If the user locks out after 3 failed failed logins, The admin needs to be entered in NDS conslole and he need to be unlock after he gets a request from that user. But I couldn't find the property for single User. whatever you specify the parameter in User Lockout tab, it's valid for all the user.
    i.e. if you uncheck the checkbox User lockout check box it's valid for all the users. How to unlock the particular user in NDS???
    any help in this regard is really appreciable.
    regards,
    chandra

    What version of WLS are you using? In the 6.0 beta, user lockout was one of
    the new security features
    added. This way, WLS could detect the failure and allow administrators to
    detect password guessing
    attempts.
    If this is a previous release of WLS, you will need to check the NDS
    documentation for how to unlock
    a given user.
    Paul Patrick
    "chandra" <[email protected]> wrote in message
    news:3a1e3d7d$[email protected]..
    >
    I guess it's common problem in LDAP. If the user locks out after 3 failedfailed logins, The admin needs to be entered in NDS conslole and he need to
    be unlock after he gets a request from that user. But I couldn't find the
    property for single User. whatever you specify the parameter in User Lockout
    tab, it's valid for all the user.
    >
    i.e. if you uncheck the checkbox User lockout check box it's valid for allthe users. How to unlock the particular user in NDS???
    >
    any help in this regard is really appreciable.
    regards,
    chandra

  • Portal User Locked

    Hi Paul,
    I have the same problem as reported by Vikas. I have a user called "test2" who is locked out due to login failures.
    When I click on the link you have provided to get more info, I get the "Server not found" message. Could you please forward me the information ?
    Thanks
    -Virinder.

    Hi Paul,
    Thanks for the input. I ran the ssounlck.sql script but I cannot still login. I get the message "Your username has been locked out from this IP address".
    Here are my settings from Login Server's Account Lock Policy:
    Global lockout duration: 1 days
    Lockout duration for one IP address: 15 mins
    Single Sign-On session duration: 24 hrs
    Do I have to change these settings to see the unlocking taking place today ? Also, what if I want the Global lockout duration to be less than 1 day ?
    Thanks for your help,
    -Virinder.

  • Application got locked when power failure(abnormal shutdown)

    hi all,,,
    I am developing swings application where user needs to login by giving valid Uname and password(only one user at a time,multiple users not allowed) and im storing this data(Uname and pwd) and status(looged in/not) in xml,my app is working fine when we closed the application normally,for this i had written an event when clicked on close button(by using boolean).
    My problem is when there is power failure/system crashes,the application is getting locked when user tries to login.
    can any help me in this..wat can i do to solve this?

    I found that problem
    i hope your application will be running in a network drive and only one user can login at a time.
    so u need to track the abrupt shutdown.

  • RE: Force user to re-login if the application is idle for awhile!

    Hi,
    I a similar thing a little while ago for an application written in a 4gl (not Forte) running
    windows 95 clients. I ended up dropping out to "C" and using the SDK to install
    hooks which monitored certain mouse and keyboard events to the application.
    It ended up being less than 10 lines of code in the end whereas when I tried
    to do it within the 4gl it was looked like wholesale changes to lots of code.
    This option fell down when the user was reading their help file or updating
    a word document so we added a pop-up which came up at the front of all applications
    on the PC giving the user a further minute to respond so as not to annoy the genuine
    user who was still "there" but doing something else.
    I have not had the chance to try this in Forte yet but it should be possible.
    If you think this might be an option for you I will try and cobble together an
    example.
    Dalton
    ===============================================================
    Dalton Cranston 45 Castle St.,
    GO5 Ltd Reading. RG1 7SN
    E-mail: [email protected] United Kingdom
    URL: www.go5.com Phone: +44 (0)1189 589 555
    Fax: +44 (0)1189 587 467
    -----Original Message-----
    From: Lu Wang X1 [SMTP:[email protected]]
    Sent: 13 February 1998 17:45
    To: [email protected]
    Subject: Force user to re-login if the application is idle for a while!
    Hi;
    For some security reasons, it requires our Forte application to force user to
    re-log into the application if the user doesn't use this application for 10
    minutes. The problem and difficulty to us is that how to determine there is no
    activity going on for this application on the client's PC.
    Any thought and ideas will be greatly appreciated!
    Lu Wang
    Eli Lilly and Company
    [email protected]
    (317)276-5776

    Hi Rick,
    Thanks for the Reply.
    When they are doing some action with RF id system gave DUMP - ITS_TEMPLATE_NOT_FOUND.
    With this is there any efect on Table locking.
    We got the dump on the ITS screen where as at the same time in back end ECC system TABLE data is using.
    Thanks
    Naresh

  • SSL VPN Login failure issue

    Hello,
    I am having an issue with some users trying to login to our SSL VPN (Anyconnect) via ASA5505 8.2(1).  Authentication is done via AD.  From the same computer, the client finds the DNS name and unlocks the login username and password.  When I enter a username and password and click connect, it is instantly rejected with login failure with the following event log:
    Function: ConnectMgr::setPromptAttributes
    File: .\ConnectMgr.cpp
    Line: 2657
    Invoked Function: setPromptAttributes
    Return Code: -33554423 (0xFE000009)
    Description: GLOBAL_ERROR_UNEXPECTED
    Error text:
    Login failed.
    If I change the user account to another user (from the same PC), login works perfectly fine - this is only happening with 3 or 4 users - I have compared the user accounts of a failing account and a successful account and they are identical in AD. 
    This has been driving me crazy - as a work around for the failing users, I just created a temporary account which works perfectly fine.  The request doesn't even seem to hit the ASA (there is nothing in the logs that show a failed attempt).  Still troubleshooting and looking at certificate's at this point.  Any help/suggestions would be greatly appreciated!!  Thanks.
    Regards.
    After a little more testing, seems somehow related to users being in to many groups in AD.      
    Message was edited by: Rich Viola

    Hello,
    If the website is unavailable or in this case, the website is missing several characters(charts, canvas, etc or some other objects), usually could be an issue with the rewrite engine.
    Solution (workaround):
    You may use smart tunnel for this website, so the rewrite engine will not override any content, and it will display the website as it should.
    You can implement it as follow:
    Add a Bookmark
    Bookmark for the service and clicking the Enable Smart Tunnel option in the Add or Edit Bookmark dialog box.
    For further information you can find it here:
    http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/configuration/guide/config/webvpn.html#wp1272236
    Let me know how tit works out!
    Please don't forget to rate and mark as correct the helpful Post!
    David Castro,
    Regards,

  • After creating a contained database, getting a login failure error while trying to connect to it.

    After creating a contained database and a user with passowrd under the same database, I tried connecting to the contained database. I entered the server name, login credentials and went to the connection properties tab to select the contained database using
    <browse server> option under "connect to database". Here I get the login failure error.
    TITLE: Browse Server for Database
    Failed to connect to server <servername>\<login>. (Microsoft.SqlServer.ConnectionInfo)
    But when I manually enter the Database name instead of selecting from the <browse server> option the connection gets through.
    Is this a Bug ? Has anyone else faced this error?

    Hello,
    Is this a Bug ? Has anyone else faced this error?
    It's not a bug, it's working as intended. Contained users don't have instance level permissions and cannot "login" to the instance (which is what the "browse" button is attempting). In order for it to work, the database name must be in the connection string
    (which with the browse button, it will not be).
    Welcome to contained users, they aren't for everyone.
    Sean Gallardy | Blog | Microsoft Certified Master

  • How to avoid user locking

    hi,
    when a user tries to login but enters serveral time a wrong password the account get locked. is it possible to change this behaviour (I mean beside entering the right password) so that the account will not be locked?
    kind regards
    Michael

    Hi Michael,
    I don’t think there a parameter which prevent locking users when wrong password is entered several times. But as the above post says you have a workaround. Set the parameter login/fails_to_user_lock  to a high value. It can take a value from 1-99 , logically nobody will enter wrong password 99 times the same day
    Every time the user enters a wrong password the counter is raised for that user’s master record. When the limit set by this parameter is surpassed, the user is locked. The lock becomes invalid at the end of the current day depending of  login/failed_user_auto_unlock ‘s value ( if value is 1 lock is released at the end of the day )
    You can put the value for  login/fails_to_user_lock  in default profile (RZ10 --> Defaulr.pfl  --> change ) . But I don’t recommend doing this.This is a security violation , user id should get locked after entering wrong password few times. Then you can make sure that the system is being used by the right person and somebody cant login to the system by trial and error method.
    The above procedure is for ABAP system .. I see you have posted this in JAVA forum, I am not sure about the Java procedure.
    Thanks
    Prince Jose

  • SADMIN User-Id failed logins while running srvrmgr

    Hi All,
    Need help with one of my Customers running srvrmgr command against gateway.
    Customer had installed siebel environment 15 days back and it was working fine. Suddenly, from easter week end seeing sadmin id failing and locking out. Customer is running srvrmgr and see sadmin user-id failed logins with ONLY siebel gateway up, and siebel server down.
    1.He is able to run odbcsql with sadmin id/pwd fine
    2.With sadmin/pwd srvrmgr connects fine, all command line operations are fine. But see sadmin failing in nameserver log file.
    3.I see 2 separate sadmin connections in name server log file which is weird, one with 'sadmin' works fine no failed logins and second with 'SADMIN' which fails. Below are log snapshots. Has anyone seen this issue before
    1. Below error messages suggest login with SADMIN is failing:
    SecAdptLog Debug 5 000000034dbf2a6c:0 2011-05-03 15:18:35 Invoking SecurityLogin with username=SADMIN ...
    SecAdptLog Debug 5 000000034dbf2a6c:0 2011-05-03 15:18:35 ODBC security adapter configured: connectstring='SBA_81_DM1_DSN', tableowner='siebel', GlobalConnections=.
    DBCLog DBCLogDetail 4 000000034dbf2a6c:0 2011-05-03 15:18:35 Dynamically loading ODBC library functions
    DBCLog DBCLogDetail 4 000000034dbf2a6c:0 2011-05-03 15:18:35 Successfully loaded ODBC library functions
    SQLTraceAll SQLTraceAll 4 000000034dbf2a6c:0 2011-05-03 15:18:35 (SQLAllocEnv) Env Handle: 150212040, Time: 0.140ms
    SQLTraceAll SQLTraceAll 4 000000034dbf2a6c:0 2011-05-03 15:18:35 (SQLAllocConnect) Env Handle: 150212040, Conn Handle: 150215192, Time: 0.044ms
    SQLConnectOptions Allocate Connection 4 000000034dbf2a6c:0 2011-05-03 15:18:35 (SQLAllocConnect) Conn Handle: 150215192, Time: 0.044ms
    SQLTraceAll SQLTraceAll 4 000000034dbf2a6c:0 2011-05-03 15:18:46 (SQLConnect) Conn Handle: 150215192, Time: 10.184s
    DBCLog DBCLogError 1 000000034dbf2a6c:0 2011-05-03 15:18:46 [DataDirect][ODBC 20101 driver][20101]ORA-01017: invalid username/password; logon denied
    SecAdptLog Debug 5 000000034dbf2a6c:0 2011-05-03 15:18:46 username=SADMIN : authentication failed due to :
    [DataDirect][ODBC 20101 driver][20101]ORA-01017: invalid username/password; logon denied
    2. Below messages confirm login with sadmin user-id is working fine.
    SecAdptLog Debug 5 000000074dbf2a6c:0 2011-05-03 15:19:06 Invoking SecurityLogin with username=sadmin ...
    SecAdptLog Debug 5 000000074dbf2a6c:0 2011-05-03 15:19:06 ODBC security adapter configured: connectstring='SBA_81_DM1_DSN', tableowner='siebel', GlobalConnections=.
    SQLTraceAll SQLTraceAll 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLAllocEnv) Env Handle: 150006904, Time: 0.062ms
    SQLTraceAll SQLTraceAll 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLAllocConnect) Env Handle: 150006904, Conn Handle: 151411016, Time: 0.011ms
    SQLConnectOptions Allocate Connection 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLAllocConnect) Conn Handle: 151411016, Time: 0.011ms
    SQLTraceAll SQLTraceAll 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLConnect) Conn Handle: 151411016, Time: 0.046s
    SQLTraceAll SQLTraceAll 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLGetInfo) Conn Handle: 151411016, Time: 0.040ms
    SQLTraceAll SQLTraceAll 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLSetConnectOption) Conn Handle: 151411016, Time: 0.034ms
    SQLConnectOptions Set Connection Option 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLSetConnectOption) Handle: 151411016, Time: 0.034ms
    SQLConnectOptions Set Connection Option Detail 5 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLSetConnectOption) Option: 1041, Param: 1090553352
    SQLTraceAll SQLTraceAll 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLSetConnectOption) Conn Handle: 151411016, Time: 0.013ms
    SQLConnectOptions Set Connection Option 4 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLSetConnectOption) Handle: 151411016, Time: 0.013ms
    SQLConnectOptions Set Connection Option Detail 5 000000074dbf2a6c:0 2011-05-03 15:19:06 (SQLSetConnectOption) Option: 1042, Param: 1090553361
    SecAdptLog Debug 5 000000074dbf2a6c:0 2011-05-03 15:19:06 username=sadmin : authentication succeeded.
    SecAdptLog Debug 5 000000074dbf2a6c:0 2011-05-03 15:19:06 username=sadmin : retrieving responsibilities...
    Many Thanks,
    Chaitanya

    Hi Chaitanya,
    Exactly.
    Check for some scheduled batch processes or some repeating jobs which may use this SADMIN Id & Pwd.
    Even I have the experienced this SADMIN account locking and I found that one of my repeating job using the SADMIN Id and its locking the ID frequently, even I unlocked the account.
    Try cancelling the job and create new one.
    Regards,
    Guna M

  • Historical Reporting Client Login Failure - UCCX 7.0(1)

    We're experiencing intermittent login failures with the Historical Reporting Client, extract from the log file below:
    1: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK: Error # 35761 ,Description= Request timed out ,LastDllError= 0
    2: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK:Authentication response was NOT received from (http://<ip address>/histRepWebSrvrComp/histRepClientsServlet)
    3: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
    4: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Authentication response was NOT received from (http://ip address/histRepWebSrvrComp/histRepClientsServlet)
    5: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
    6: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Connection to web server failed due to: 12017 : Operation cancelled
    7: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Connection to web server failed due to: 12017 : Operation cancelled
    8: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Failed to load authentication response due to empty XML buffer from authentication servlet)
    9: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
    Does anyone know why this may be happening as it's driving the customer mad. User can usually login after a few attempts.
    The authentication timeout is set to 15 seconds, surely this is more than enough time or should we increase the timer?
    Any advice much appreciated.

    Hi Robert
    Thanks for the response and all very good suggestions which should help Chris narrow down his particular issue.
    It's been about a year since we last looked at this so I'd quite forgotten most of the diagnostics we'd done however we did go through most of the same diagnostics ourselves but the resolution was hampered due to the fact we support the telephony/WAN and another third party supports the desktops and LAN infrastructure so after months of to and fro with the customer and their third party (and many, many man hours) we eventually left the risk with the customer and investigations never progressed any further.
    1.) Upgrade to UCCX 7.0SR5.  This is a very stable release of code with few open bugs or caveats against it.
                - Agreed. We also ran into other bugs which required an upgrade.
    2.) Verify that the active NIC is indeed at the top of the bindings order.  Just having it active isn't enough, there needs to be the further test of moving to the top of the bindings order.
                - We did check this.
    3.) Verify that the hosts file on the UCCX server(s) has the external IP and hostname of the server in it.
                - Did this too.
    4.) Check the remote locations to verify that the network is correctly configured, there are no line errors on the WAN circuits, no misconfiguration on the switch/router ports and that QOS is in place across the network.
                - This part of the investigation stalled due to another 3rd party supporting the onsite network however no WAN issues were found.
    5.) Try to take a test system that is on the same network as the one having HRC errors.  See if it's seeing the issues.  If not, progressively move out to other offices/locations until you replicate the issue and then see what has changed.  Something there should hopefully point to the cause of the error.
                - We did this also, using my laptop I connected from various locations and even when using the same network connection as the end user had no problems, we did note the successful connection attempts used a slightly different network route/DNS/WINS however again got nowhere with the third party supporting this aspect of the network.
    6.) Finally, you may want to consider creating external data warehouse servers so that your UCCX servers aren't serving up the HRC data.
                - Not an option for this customer, again this aspect of the service is a different third party on their own network and customer not willing to pay for additional servers for the telephony estate to provide this functionality when they only have a few CCX users.
    Regards
    June

  • Normal users can not login CDE

    Hi every body.
    I have just installed Solaris 10 in a Ultra 10 box. When my normal users tray to login CDE they must wait long and at the end they have a message window like this:
    _DtMessage Failure<br /><br />Messaging System Inoperative<br />To restart:<br />1) Save all open data files.<br />2) Logout.<br />3) Login again.<br />Note: The current session will not be saved.<br />When you are ready to begin the restart process click &#91;ok&#93; and proceed to save your files.<br /><br />behind this window there are another one:<br /><br />Action Required<br /><br />DT messaging system could not be started.<br />To correct the problem<br />1- Chose &#91;ok&#93; to return to the login screen<br />2- select failsafe session from the login screen's option menu and login.<br />3- Check to see that the host name is correct in these locations<br />/etc/src.sh<br />/etc/hosts<br />/usr/adm/inet.sec<br /> For additional information see the DT users guide.<br /><br /><br />This issue only occurs when the home directory is mounted via nfs. If is mounted locally there are no problems.<br /><br />I deleted .dt* directories but this does not solve the problem.<br /><br />Any idea will be very appreciated.<br /><br />Guix

    Is the "ttdbserverd" rpc service running on the nfs server?
    Does the nfs client log anything to it's /var/adm/messages file?
    For example errors like this:
    Aug 12 18:43:31 elise-3com.tools.intra /usr/dt/bin/ttsession&#91;851&#93;: &#91;ID 424917 daemon.error&#93; Error: rpc.ttdbserverd on leo is not running
    Aug 12 18:43:31 elise-3com.tools.intra /usr/dt/bin/ttsession&#91;851&#93;: &#91;ID 908584 daemon.error&#93; Ttdb_client::connectToDb(): fcntl(F_SETFD): Bad file number

Maybe you are looking for

  • ITunes 11.1.3.8 on Windows 8.1 64 bit display problems with CD tracks and Internet Radio

    Recently installed iTunes 11.1.3.8 on a Windows 8.1 64 bit machine and I have the following problems: 1) Inserting a CD in order to listen or import tracks I get no display of tracks when I click the CD drive in the side bar. The list has only white

  • Import extremely slow from 9i to  10G

    I am preparing a 10.2.0.4 database for testing, (upgrading from 9i) because we are also moving to a new server, I am going to use the exp/imp method. I created a new database after installing and patching the software, then created the necessary tabl

  • Import server: Undefined elements exception

    Hi, I do have a problem with the import server. I get ,'save-update map' structural exceptions in the import server. It complains about undefined elements, and if saved the update it works for one single XML file but other still fail with similar (ot

  • Problem while invoking pagefragment as popup

    Hi I am having a requirement, I will be displaying some data in <af:table> One of the column will be having a command link, When user clicks on the command link, I have to open a popup dialog , The popup will be a bounded taskflow with a page fragmen

  • Incorrect time in picture info pane

    I updated my clock in my digital camera for daylight savings time. My Olympus C-770 uses a 24 hour clock so 6pm would be 1800. However; when I import a picture taken at 1800 it says 5pm instead of 6 pm. Why doesn't iPhoto show the correct time? My Ma