Users cannot log in after rename in Active Directory

Document ID : KB000119029
Last Modified Date : 02/11/2018
Show Technical Document Details
Users cannot log in after their user code was renamed in Active Directory. When login is attempted after their new user is created, the following errors are noted in the WP log files:

U00051002 LDAP message 'BindResponse' with result code 'invalidCredentials', message: 8009030C: LdapErr: DSID-0C09056D, comment: AcceptSecurityContext error, data 52e, v2580
U00003234 Logon error: Access denied. (Connection='*CP00X#0000XXXX', host = '%-%-%') 
Any Active Directory/LDAP environment. 
Additional steps required via Active Directory. 
After renaming an Active Directory account, the associated password may need to be reset - otherwise, users will not be able to log into the Automation Engine. Re-set the password, and the user should be able to access the User Interface normally.

If this does not resolve the issue, perform the following steps and provide the results to Support via a new case:

1) If an Administrative user is able to log in, do so and navigate to the Administration Perspective -> Automation Engine Management section. 
1a) If no user is able to log in, please log a case with Support.
2) Right click on any of the WPs, and select, "Advanced Options."
3) Set TCP/IP=2 and Database=4, then select, "Apply."

Setting trace on one WP will set tracing on all WPs. After this has been accomplished, reproduce the login issue and send in the complete set of the following files (all ending in *00.txt):

*) WP log files
*) WP trace files

Be sure to remember to re-set tracing back to 0 after reproducing this issue, as otherwise the trace files will continue to grow.