Unable to Authenticate User

Document ID : KB000123151
Last Modified Date : 18/12/2018
Show Technical Document Details
Issue:
Some users with Admin settings are getting:
1. "Unable to authenticate" CA PC logins
2. "You no longer have access to this Tenant Group" after logging in. 
Environment:
CAPC 3.x
Cause:
This issue was caused by CAPC timing out while waiting for a reply from the LDAP server.

The steps to debug this are:
Copy /opt/CA/PerformanceCenter/sso/webapps/sso/configuration.jsp to .original
Edit /opt/CA/PerformanceCenter/sso/webapps/sso/configuration.jsp
and change "boolean troubleshoot = false;" to "boolean troubleshoot = true;"
No restart should be needed.
 
Login to see the messages.
once someone gets an error, capture the text and paste to save it.

error seen:
Could not obtain a DirectoryContext.
javax.naming.CommunicationException: <LDAP_Server>:3268 [Root exception is java.net.ConnectException: Connection timed out (Connection timed out)]
 
Resolution:
Once the error is validated, work with your LDAP team to determine what is causing the timeouts.
Additional Information:
replace the original file to disable the debug