Domain users cannot login to PA after the server ran out of disk space

Document ID : KB000044701
Last Modified Date : 23/01/2019
Show Technical Document Details
Issue:

A Password Authority server ran out of disk space.  Old logs were removed, and tomcat restarted, but then none of the users who authenticate against an Active Directory could log in. The 'CSPM' authentication type was the only one that worked.

 

 

Environment:
Password Authority 4.5.3
Cause:
running out of disk space on the Password Authority server can result in a corrupt cspmserver.keystore file
Resolution:

Test the integrity of the cspmserver.keystore file with the following command:

%CSPM_SERVER_HOME%\cspmserver_thirdparty\java\bin\keytool –list –keystore %CSPM_SERVER_HOME%\cspmserver\config\data\cspmserver.keystore

 

If the file is healthy, you will be prompted for a password. This would eliminate this file as the root cause and it is recommended that a ticket be opened with PAM Support.

If the file is corrupt, you will receive an error such as: "keytool error: java.io.EOFException"
If the cspmserver.keystore  file is corrupt this can be resolved by following these steps:

  1. Stop Tomact
  2. Delete the cspmserver.keystore file
  3. Start Tomcat
  4. Password Authority will automatically recreate the file