Highlighted
New Member.
2123 views

WebAccess Login Failure

Hi all.

I just finished recreating my certificate authority as it's certificate had expired. I then used PKIDiag and tckeygen to renew the DNS and IP certs for webaccess and re-export the key for Tomcat. This went smoothly without any errors.

However, when I try to log in to web access, I get the following error: "Please login again. You may have typed your name or password incorrectly. Remember that passwords are case sensitive.", even though they are the correct name and password. It also does not matter which user logs in.

Webaccess logs only show "Login failure" for the user.

Where do I begin to troubleshoot this? Does webaccess have better logs somewhere? Even on verbose the logs still only seem to show Login Failure.

Thanks for any information anyone has.
Scott



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP
Labels (2)
0 Likes
17 Replies
Highlighted
New Member.

Re: WebAccess Login Failure

Sorry, forgot to include platform information.

Netware 6.5 SP8, GroupWise 8 SP2, WebAccess also at same patch level.

Scott



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP>>> On March-30-13 at 8:33 PM, in message <51574C00.DFFF.0048.3@owzw.com>, Scott Schaffer<sschaffer@owzw.com> wrote:

Hi all.

I just finished recreating my certificate authority as it's certificate had expired. I then used PKIDiag and tckeygen to renew the DNS and IP certs for webaccess and re-export the key for Tomcat. This went smoothly without any errors.

However, when I try to log in to web access, I get the following error: "Please login again. You may have typed your name or password incorrectly. Remember that passwords are case sensitive.", even though they are the correct name and password. It also does not matter which user logs in.

Webaccess logs only show "Login failure" for the user.

Where do I begin to troubleshoot this? Does webaccess have better logs somewhere? Even on verbose the logs still only seem to show Login Failure.

Thanks for any information anyone has.
Scott



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: WebAccess Login Failure

Hi Scott,

Are you using LDAP authentication or GroupWise authentication?

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
Highlighted
New Member.

Re: WebAccess Login Failure

Ldap, i believe. Whats the best way to telll?

Scott



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP>>> On March-31-13 at 4:16 AM, in message <laurabuckley.5t2awn@no-mx.forums.novell.com>, laurabuckley<laurabuckley@no-mx.forums.novell.com> wrote:


Hi Scott,

Are you using LDAP authentication or GroupWise authentication?

Cheers,


--
Laura Buckley
Technical Consultant
IT Dynamics, South Africa
http://www.itdynamics.co.za
------------------------------------------------------------------------
laurabuckley's Profile: http://forums.novell.com/member.php?userid=122
View this thread: http://forums.novell.com/showthread.php?t=465411
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: WebAccess Login Failure

Hi Scott,

In ConsoleOne, in the GroupWise view, go to the properties of your Post Office object, on the GroupWise tab click on the drop-down menu and select security. There you will see your authentication setup.

I'm thinking that perhaps your LDAP authentication was SSL enabled and the certs haven't been updated since you recreated your certificates..... I'd check there.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: WebAccess Login Failure

Further to what I said above.... In ConsoleOne click on Tools | GroupWise system operations | LDAP Servers | Select the LDAP server/servers that you are using and click on Edit - in there you will see if SSL is enabled and what certificate you are using.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
Highlighted
New Member.

Re: WebAccess Login Failure

Thanks for the info Laura.

I checked my settings. Under the PO object, both LDAP and eDirectory authentication are enabled. Should this only be one or the other? If i I disable one, do I need to restart anything for the change to be seen?

As for the ldap server object. it is pointing to the der cert I exported from the private key of the CA after recreating it. Do I need to restart ldap for it to use the new exported der file? It has the same name as the old one.

Thanks,
Scott



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP>>> On March-31-13 at 9:16 AM, in message <laurabuckley.5t2osp@no-mx.forums.novell.com>, laurabuckley<laurabuckley@no-mx.forums.novell.com> wrote:


Further to what I said above.... In ConsoleOne click on Tools |
GroupWise system operations | LDAP Servers | Select the LDAP
server/servers that you are using and click on Edit - in there you will
see if SSL is enabled and what certificate you are using.

Cheers,


--
Laura Buckley
Technical Consultant
IT Dynamics, South Africa
http://www.itdynamics.co.za
------------------------------------------------------------------------
laurabuckley's Profile: http://forums.novell.com/member.php?userid=122
View this thread: http://forums.novell.com/showthread.php?t=465411
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: WebAccess Login Failure

Hi Scott

Having both eDir and LDAP selected is fine. After changing cert files you would need to shutdown the POA in question and then start it. I found a restart didn't always do the trick with SSL certs.

Hope this helps.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
Highlighted
New Member.

Re: WebAccess Login Failure

I restarted the poa. I still get the same message when trying to login. How do I disable ssl on webaccess? I would like to test without it and see if there is any difference.

Thanks



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP>>> On March-31-13 at 10:56 AM, in message <laurabuckley.5t2tfb@no-mx.forums.novell.com>, laurabuckley<laurabuckley@no-mx.forums.novell.com> wrote:


Hi Scott

Having both eDir and LDAP selected is fine. After changing cert files
you would need to shutdown the POA in question and then start it. I
found a restart didn't always do the trick with SSL certs.

Hope this helps.

Cheers,


--
Laura Buckley
Technical Consultant
IT Dynamics, South Africa
http://www.itdynamics.co.za
------------------------------------------------------------------------
laurabuckley's Profile: http://forums.novell.com/member.php?userid=122
View this thread: http://forums.novell.com/showthread.php?t=465411
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: WebAccess Login Failure

Hi Scott,

Have you restarted the WebAccess agent?

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
Highlighted
New Member.

Re: WebAccess Login Failure

Yes, no change.

Since the webaccess logs only say, login failed, is it possible to do a dstrace of the login and maybe get more information about what's failing?

Thanks
Scott



Scott Schaffer
Network Admin
Olive Waller Zinkhan & Waller LLP>>> On April-01-13 at 4:46 AM, in message <laurabuckley.5t46yn@no-mx.forums.novell.com>, laurabuckley<laurabuckley@no-mx.forums.novell.com> wrote:


Hi Scott,

Have you restarted the WebAccess agent?

Cheers,


--
Laura Buckley
Technical Consultant
IT Dynamics, South Africa
http://www.itdynamics.co.za
------------------------------------------------------------------------
laurabuckley's Profile: http://forums.novell.com/member.php?userid=122
View this thread: http://forums.novell.com/showthread.php?t=465411
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: WebAccess Login Failure

A dstrace would probably be a very sensible thing to do - filter on LDAP traffic and see if you can see anything.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.