CallAPI cannot resolve encrypted LDAP Password if it is added to .ini File or to activation File of CallAPI

Document ID : KB000085053
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
U00003234 Logon error: Access denied. (Connection='*[CP/LoginID]', host = [HOSTNAME])

If a logon via a CallAPI is processed using an LDAP User/Password within the Login, the encrypted password is not resolved correctly returning the above error message.

The password exit does not work if the password is encrypted.  Instead the password exit is called with the encrypted password without decrypting the password first causing the error.

The error has been seen when using the CallAPI on LINUX when the Automation Engine it tried to log onto was on AIX.  However, this behavior could also occur on other Operating Systems.


 
Environment:
OS: IBM AIX
OS Version: N/A
Cause:
Cause type:
Defect
Root Cause: The password exit fails if the password is encrypted with UCYBCRYP. Password exit is called with encrypted password instead of decrypting the password first.
Resolution:
Update to a fix version listed below or a newer version if available.

Fix Status: Released

Fix Version(s):
Component(s): Automation Engine and Initialdata

Automation Engine 12.1.0 - Available
Automation Engine 12.0.2 - Available
Automation Engine 11.2.5 - Available
Automation Engine 11.1.4HF4 - Available
Additional Information:
Workaround :
Use the password in clear text and not encrypted.