Unable to authenticate user in unab

Document ID : KB000007418
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

After changing the password in Active Directory the customer is unable to log in as that user in the Linux endpoint. Trying with old passwords does not help, but other users seem to be able to log in.

Running uxpreinstall, there are errors connecting to the site:

CHECKING CLIENT'S SITE 
******************************************** 
Client's site = <unknown> 
ERROR: Could not determine the client's site. 
REASON: No LDAP service was available to get the client's site. 
ACTION: Please check that LDAP services are available and functional. 
--------------------------------------------- 
F A I L

However, the site exists and according to the Active Directory logs, there is a connection done

Resolution:

This problem may occur if the only Domain Controller (DC) available for authentication is excluded from the list of Domain Controllers available for  authentication in uxauth.ini. In this case, UNAB will be able to contact the DC but it will be unable to retrieve credentials or Kerberos tickets. This may happen if- for instance- UNAB was set up with DC which are no longer available.

Editing the list of DC available for authentication in uxauth.ini to include the valid one(s) or remove the list of DC and leave the none default will solve the issue.