"ADMIN" user issue in server environment-RTC 3.0.1
Hi,
I have configured my asynchronous scheduled tasks to run with "ADMIN" as the default user but I see this error logged when the task runs.
Would like to know if its possible to run scheduled tasks with RTC 301 with "ADMIN" as user as we did not face this problem in previous versions.
00000022 LdapRegistryI E No user ADMIN found
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.1864979324648293885061.txt com.ibm.ws.security.registry.ldap.LdapRegistryImpl.checkPassword 367
00000022 LdapRegistryI E SECJ0336E: Authentication failed for user ADMIN because of the following exception com.ibm.websphere.security.PasswordCheckFailedException: No user ADMIN found
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.1912157024764002160803.txt com.ibm.websphere.security.CustomRegistryException 190
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.1905022804253321957065.txt com.ibm.ws.security.ltpa.LTPAServerObject.authenticate 996
00000022 LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is No user ADMIN found.
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2036027559885439505971.txt com.ibm.websphere.security.auth.WSLoginFailedException 250
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2031302311509152065324.txt com.ibm.ws.security.server.lm.ltpaLoginModule.login 452
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2094268099787972640076.txt com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule.login 804
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2135038997551716281834.txt com.ibm.ws.security.auth.JaasLoginHelper.jaas_login 491
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2166816444742777663008.txt com.ibm.ws.security.auth.ContextManagerImpl.login 4701
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2186326528998553052653.txt com.ibm.ws.security.web.FormLoginServlet.formLogin 422
00000022 FormLoginExte E SECJ0118E: Authentication error during authentication for user ADMIN
I have configured my asynchronous scheduled tasks to run with "ADMIN" as the default user but I see this error logged when the task runs.
Would like to know if its possible to run scheduled tasks with RTC 301 with "ADMIN" as user as we did not face this problem in previous versions.
00000022 LdapRegistryI E No user ADMIN found
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.1864979324648293885061.txt com.ibm.ws.security.registry.ldap.LdapRegistryImpl.checkPassword 367
00000022 LdapRegistryI E SECJ0336E: Authentication failed for user ADMIN because of the following exception com.ibm.websphere.security.PasswordCheckFailedException: No user ADMIN found
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.1912157024764002160803.txt com.ibm.websphere.security.CustomRegistryException 190
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.1905022804253321957065.txt com.ibm.ws.security.ltpa.LTPAServerObject.authenticate 996
00000022 LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is No user ADMIN found.
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2036027559885439505971.txt com.ibm.websphere.security.auth.WSLoginFailedException 250
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2031302311509152065324.txt com.ibm.ws.security.server.lm.ltpaLoginModule.login 452
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2094268099787972640076.txt com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule.login 804
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2135038997551716281834.txt com.ibm.ws.security.auth.JaasLoginHelper.jaas_login 491
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2166816444742777663008.txt com.ibm.ws.security.auth.ContextManagerImpl.login 4701
00000022 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on /opt/IBM/WebSphere/AppServer/profiles/JazzSrv01/logs/ffdc/JazzSrv01-Srv341_1b801b8_12.03.09_00.00.09.2186326528998553052653.txt com.ibm.ws.security.web.FormLoginServlet.formLogin 422
00000022 FormLoginExte E SECJ0118E: Authentication error during authentication for user ADMIN
One answer
looks like you have configured RTC to use LDAP for user authentication. and the user 'ADMIN' is not defined there
LdapRegistryI E No user ADMIN found
So, you would either have to define an entry for use ADMIN in ldap,
or change to a userid that is in LDAP.
its all or nothing with LDAP. we had a similar issue.
Sam
LdapRegistryI E No user ADMIN found
So, you would either have to define an entry for use ADMIN in ldap,
or change to a userid that is in LDAP.
its all or nothing with LDAP. we had a similar issue.
Sam
Comments
Hi Sam,
I understand this is very old, but if possible, can you please tell how we can configure the asynchronous task scheduler to run with a different user which is already defined in LDAP.
Arun
You need to change your task code to specify the userid, see
https://jazz.net/forum/questions/118517/how-do-i-determine-which-user-is-running-an-asynchronous-task
Hi Sam,
Thanks for the answer but I am looking for the way to specify this new userId in the task code. The above link just tells me a way to retrieve and display it. I am searching for a way to set and authenticate this new contributor.
Kindly help.
Arun.
Hm.. I see now.. the method for the userid is marked final. so you cannot over-ride it.
now the bigger question.. what did you do differently to cause this problem,
as everyone is advised to delete the userid ADMIN.
we'll have to wait for the jazz members to help on that.
sorry I gave you an incomplete answer.
Hi Sam,
Yes, We are using LDAP and till date we had not defined the ADMIN user.
Currently to make my scheduler work, I have declared this ADMIN user there. I do not like this solution but there is nothing much I can do here unfortunately.
This solution is not clean as even though the ADMIN user is internal and does not require an import to the application itself to function, But it does require a write access to the project area (by being a member of the project and with granted with powerful role) to be able to change and save workitems. Very strange behavior because the admin user is not granted any license!! and is only added to the JAZZADMIN group in the LDAP.
I will push this to IBM. Thanks for confirming that I was not completely lost in this :)