Non-LDAP users not able to log into Spectrum

Document ID : KB000033527
Last Modified Date : 29/11/2018
Show Technical Document Details
Issue:

Non-LDAP users are not able to log into Spectrum even though "Allow user to login if no LDAP user is found" option is enabled. If the SSORB Security SP debugging in the OneClick -> Administration -> Debugging -> Web Server Debug Page (Runtime) web page is enabled, an error similar to the following is seen in the $SPECROOT/tomcat/logs/stdout.log (Windows) or catalina.out (Linux and Solaris) file:

 

Nov 25, 2015 19:16:02.254 - Error binding: javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 2030, v1db1

Cause:

This error occurs when LDAP in the "OneClick LDAP Configuration" page is configured using "User by Pattern".

Resolution:

Reconfigure LDAP in the "OneClick LDAP Configuration" page to use "User by Search".

Additional Information:

Reference the "Non-LDAP Users cannot Log In" section in the Spectrum documentation.

https://docops.ca.com/ca-spectrum/10-3-0/en/administrating/oneclick-administration/troubleshooting-oneclick/non-ldap-users-cannot-log-in