DP 10.80 Windows client User Authentication failed

Hi,

There is a fresh DP 10.80 Linux server CM installation. There is also fresh Windows 10 Client installation (DP 10.80 as well). I was able to import client to CM, but I am not able to login from the client.

I cannot connect to CM using clients GUI.

I got an error message: "User Authentication failed" and to be more specific "Provided User or Password is not valid.".

I did add a user on CM using CLI (more then one ). I set a password. I configured secure connection.

I feel I am stucked now...

I can see in the logs on the server side...

/var/opt/omni/log/inet.log

Sat 21 Nov 2020 04:43:59 PM CET [BZC0FQ.LAP2@lap2] : GET_CACERT_FILE

/var/opt/omni/log/debug.log

{"error":"invalid_grant","error_description":"Invalid user credentials"}
[KeycloakRESTApiConnector::restMethodExecute] Response: 401 body:

{"error":"invalid_grant","error_description":"Invalid user credentials"}

I cannot see any issues on the client side log files.

 

The other issue is that I cannot use WebGUI. When I open CM webpage I can see just logo... no other controls just white page. I did try several browsers - issue is the same.

 

So, effectively I cannot login to CM from any client apart from CLI on the server.

I have worked on this issue all day today, but I was not successful and I do not have active contract to escalate it.

Any ideas on how to troubleshoot this further?

Thanks in advance for helping.

  • OK. I have found the issues. There where two:

    1) incorrect widows workgroup/domain name

    2) incorrect login user name - it looks it was not so obvious to put the right login name (should be Web Username not Name)

    Now... I can login to Windows Client GUI

     

  • Is it possible for you to help me to solve the same problem?
    I have Cell Manager on Centos and I want connect to it from windows. DP11

    I ran omnicc -secure_comm -configure_peer on noth hosts.
    firewall is disabled, connection is ok.

    I tried different combinations of omniuser -add  command
    and now I have:

    /opt/omni/bin/omniusers -list
    User Group: admin
     Name:   ADMIN
     Group:  ADMINISTRATORS
     Client: linuxserverdp.sto.local
     Web Username:  admin|administrators|linuxserverdp.sto.local
     Descr:   

     Name:   ADMIN
     Group:  ADMINISTRATORS
     Client: winproxydp.sto.local
     Web Username:  admin|administrators|winproxydp.sto.local
     Descr:   

     Name:   ADMINISTRATOR
     Group:  ADMINISTRATORS
     Client: winproxydp.sto.local
     Web Username:  administrator|administrators|winproxydp.sto.local
     Descr:   

     Name:   ADMINISTRATOR
     Group:  WINPROXYDP
     Client: winproxydp.sto.local
     Web Username:  administrator|winproxydp|winproxydp.sto.local
     Descr:   

     Name:   hpdp
     Group:  *
     Client: linuxserverdp.sto.local
     Web Username:  hpdp|*|linuxserverdp.sto.local
     Descr:  IDB AS user

     Name:   root
     Group:  *
     Client: linuxserverdp.sto.local
     Web Username:  root|*|linuxserverdp.sto.local
     Descr:  root

    User Group: operator
     No users defined

    User Group: user
     No users defined

    but still the same answer: Invalid user credentials

    some of logs:

    2022-03-15 00:30:06,762 WARN  [JBossLoggingEventListenerProvider:118:default task-1] type=LOGIN_ERROR, realmId=b0d8f026-01f8-45dc-b679-73f47ede7ddf, clientId=dp-gui, userId=null, ipAddress=10.41.0.157, error=user_not_found, auth_method=
    openid-connect, grant_type=password, client_auth_method=client-secret, username=Admin, authSessionParentId=68835db0-bbcd-46d6-ba04-6085297d796e, authSessionTabId=Gc2YeukrlA4
    2022-03-15 00:30:06,762 WARN  [JBossLoggingEventListenerProvider:118:default task-1] type=LOGIN_ERROR, realmId=b0d8f026-01f8-45dc-b679-73f47ede7ddf, clientId=dp-gui, userId=null, ipAddress=10.41.0.157, error=user_not_found, auth_method=
    openid-connect, grant_type=password, client_auth_method=client-secret, username=Admin, authSessionParentId=68835db0-bbcd-46d6-ba04-6085297d796e, authSessionTabId=Gc2YeukrlA4
    2022-03-15 00:38:53,090 WARN  [JBossLoggingEventListenerProvider:118:default task-1] type=LOGIN_ERROR, realmId=b0d8f026-01f8-45dc-b679-73f47ede7ddf, clientId=dp-gui, userId=null, ipAddress=10.41.0.157, error=user_not_found, auth_method=
    openid-connect, grant_type=password, client_auth_method=client-secret, username=Administrator, authSessionParentId=96b5c53c-f87d-4a98-819f-16328d55fba9, authSessionTabId=lzwI6vrpTsc
    2022-03-15 00:38:53,090 WARN  [JBossLoggingEventListenerProvider:118:default task-1] type=LOGIN_ERROR, realmId=b0d8f026-01f8-45dc-b679-73f47ede7ddf, clientId=dp-gui, userId=null, ipAddress=10.41.0.157, error=user_not_found, auth_method=
    openid-connect, grant_type=password, client_auth_method=client-secret, username=Administrator, authSessionParentId=96b5c53c-f87d-4a98-819f-16328d55fba

    What else can I check?

  • Can you please post the user and domain you are logged in on the windows server when you run the GUI?

    What error do you receive when running DP GUI to connect to cell manager ?

    Regards,

  • Thank you for answer!!

    Win 2012 srv without domain:
    host name: winproxydp
    workgroup: sto.local
    windows hosts file:
    10.41.0.154 winproxydp.sto.local winproxydp
    10.41.0.157 linuxserverdp.sto.local linuxserverdp

    linux srv CM:
    hostname: linuxserverdp.sto.local
    cat /etc/hosts:
    10.41.0.154 winproxydp.sto.local winproxydp
    10.41.0.157 linuxserverdp.sto.local linuxserverdp

    I tried: administrator, admin, ADMIN, Administrator, root, and many others Slight smile :

    [154:64452] Invalid user credentials.

  • You did not answer my question: with which user you are logged on the windows server ? We need to check if this user is added to userlist.

  • oh, sorry, I didn't understand you correctly.
    I am logged in as "Administrator" on the Windows server

    I also created a new "Admin" account on the windows server and tried to log in from there as well

  • Suggested Answer

    Hello Siemacz,

    please add user Administrator with the following command:

    omniusers  -add -type W -usergroup admin -name Administrator -group "*" -client "*" -pass Dp123pwd.

    doing so you allow any user whose name is administrator (any domain and any client) to log in DP.

    this should work. Once we find it works we will narrow domain and client.

    Kind regards

  • /opt/omni/bin/omniusers  -add -type W -usergroup admin -name Administrator -group "*" -client "*" -pass Dp123pwd

    ERROR:'*' is not a valid option. Please see product documentation for further
    information.

    :(

    Can I manually remove unnecessary users from /etc/opt/omni/server/users/UserList?
    Somewhere I found information that I should type in this file:
    "*" "*" "*" "*" admin yes
    manually

  • Please add to global file (/etc/opt/omni/server/options/global) the following variable and try again the command:

    EnableAnyOptionUserCtx=1

    In your system it is using default

    # default: 0
    # This option is used for enabling <Any> option in User Management context.

    Kind regards,

  • Do not remove\add any line manually from userlist. The info you have found refers to old DP version.