ERROR : Login procedure failed

Document ID : KB000025399
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem: 

After a successful installation of Access Control / PIM endpoint on the UNIX machines, starting selang / connecting the SEOSDB results in an error
"ERROR: Initialization failed, EXITING!"
(localhost)
ERROR: Login procedure failed
ERROR: You are not allowed to administer this site from terminal 127.0.0.1

Environment:  

All certified PIM endpoint releases (R12.5, R12.6, R12.7, R12.8, R12.9)
Operating System : All certified UNIX OS.

Cause: 

The cause for this problem is that the terminal class record is not being created properly for with the terminal name or that the hostname resolution is not working properly in the environment.

Resolution:

Verify the terminal rules are defined properly, if not define the proper terminal and provide appropriate authorization for the terminal.

Step 1)
Stop Access Control / PIM endpoint using secons –sk

Step 2)
Start selang in local mode using selang -l    

Step 3)
Verify if the terminal with the hostname is defined and proper authorizations are provided. If not, define the terminal and provide the appropriate authorization(s).

Step 3a) AC>sr terminal *
In the result verify if the proper terminal is defined along with proper authorizations for the user executing selang

Step 3b) For providing appropriate authorization, while still being in selang
AC> authorize TERMINAL <terminal name> uid(USER) access(Type of access to be provided)

Step 4)
Quit selang and check if the look aside database (LADB) reflects the above defined hostname terminal according to your site. Use sebuildla -h to build the hostname specific LADB.

Step 5)
Use sebuildla -H | grep <hostname>, to match against the defined terminal entry. The terminal entry and the hostname should be the same in all aspects.

Step 6)
Check if the TERMINAL class is ON (this class should be ON). If it is OFF, run "so CLASS+(TERMINAL)" from within the selang prompt.
You may also be required to modify the native operating system 'hosts' file. For this contact your system and network administrator(s). Not a mandatory step.

Step 7)
Once you are done with the changes start access control and verify if the problem is resolved.