MaxH Honored Contributor.
Honored Contributor.
105 views

KNTA_LOGON_ATTEMPTS Table Issue

Jump to solution

I am building a custom portlet that tells when the very first and most recent login attempts were made for PPM users.  When I created and ran my query, it returned dates that looked odd to me.  After some research, I realized that the dates only went back to March 14, 2014 for my specific user account.  Other users seemed to have the same kinds of issues.

 

Now, I have been in and out of PPM as a regular user (not just my ADMIN accounts) since 2011.  I should be able to query the knta_logon_attempts table and see all of the logins, then refine my query to see the first date I logged in [min(CREATION_DATE)].  When I run the query, the system only returns dates since March 14th and it turns out these have a 'Y' in the SUCCESS_FLAG field.  The others show up, but the SUCCESS_FLAG field has an 'N' in it and there is either a  "NO_PERMISSION_RESTRICTED_MODE", "INVALID_USER_OR_PASSWORD", "USER_PASSWORD_EXPIRED" or some other message in the FAILURE_MESSAGE_NAME field.

 

I also realized that where the SUCCESS_FLAG field = 'N', that there is no USER_ID populated to the field.

 

Does anyone have any idea(s) on what might be causing this?  Maybe a database statistics issue or something?

 

Thanks in advance,

 

Max

0 Likes
1 Solution

Accepted Solutions
Absent Member.. Jim Esler Absent Member..
Absent Member..

Re: KNTA_LOGON_ATTEMPTS Table Issue

Jump to solution

If you do not set values for these parameters in your server.conf file, default values will be used. The default for DAYS_TO_KEEP_LOGON_ATTEMPT_ROWS is 14 days. You can see this in the Server Configuration Report. It should be listed in the Admin Guide, too, but I have not checked.

 

Entries in this table would be deleted by the Logon Attempts Cleanup Service. You could disable it on the Schedule Services page if you do not want entries to be deleted. As Randull stated, though, the table is maintained this way because of performance considerations. Just something to keep in mind.

4 Replies
MaxH Honored Contributor.
Honored Contributor.

Re: KNTA_LOGON_ATTEMPTS Table Issue

Jump to solution

Maybe there is a simple way to ask this question:

 

Why would I have a KNTA_LOGON_ATTEMPTS table that has a count of 417 entries where the user_id is not null and 3,584 records where the user_id field is null?

0 Likes
Absent Member.. randull Absent Member..
Absent Member..

Re: KNTA_LOGON_ATTEMPTS Table Issue

Jump to solution

Hi Max,

 

There are two parameters on the server.conf to activate the clean up service for this table, otherwise it will grow to big and cause performance problem.

DAYS_TO_KEEP_LOGON_ATTEMPT_ROWS and LOGON_ATTEMPTS_CLEANUP_INTERVAL parameter in server.conf

Please check the values on them, May be that is why you are seeing records from a date in the past.

 

I am wondering if those records without username are the failed ones.

 

Thanks,

Randall

Best regards,
Randall

-- Remember to give Kudos to answers! (click the KUDOS star)
"If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
MaxH Honored Contributor.
Honored Contributor.

Re: KNTA_LOGON_ATTEMPTS Table Issue

Jump to solution

Hi Randall, thanks for responding.  I have neither parameter set in the server.conf (although maybe I should).  The failed attempts are in fact the records that have no user_id.  

 

The question now becomes, where in the database does that parameter get stored?  I am betting that there is a table that stores the parameters you listed and they remain there regardless of whether they are set in the server.conf. or, that they were there at one time, got deleted from the server.conf and the parameter is retained until it is re-invoked?

0 Likes
Absent Member.. Jim Esler Absent Member..
Absent Member..

Re: KNTA_LOGON_ATTEMPTS Table Issue

Jump to solution

If you do not set values for these parameters in your server.conf file, default values will be used. The default for DAYS_TO_KEEP_LOGON_ATTEMPT_ROWS is 14 days. You can see this in the Server Configuration Report. It should be listed in the Admin Guide, too, but I have not checked.

 

Entries in this table would be deleted by the Logon Attempts Cleanup Service. You could disable it on the Schedule Services page if you do not want entries to be deleted. As Randull stated, though, the table is maintained this way because of performance considerations. Just something to keep in mind.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.