Error CentraSite and Active Directory integration

Jorge_Luis · January 8, 2013, 5:34pm

Hello friends,
Performing the integration of CentraSite 8.2 with Active Directory as authentication repository, I have an error:
java.lang.SecurityException: access not granted for user DOMAIN\USER1
at com.centrasite.smh.AdminUserCreator.isAccessGranted(AdminUserCreator.java:233)
at com.centrasite.smh.AdminUserCreator.createAdminUser(AdminUserCreator.java:117)
at com.centrasite.smh.AuthAddAdminAgent.createAdminUser(AuthAddAdminAgent.java:279)
at com.centrasite.smh.AuthAddAdminAgent.run(AuthAddAdminAgent.java:256)
at com.centrasite.smh.Agent.doAgentTask(Agent.java:205)
at com.centrasite.smh.AuthAddAdminAgent.AgentMain(AuthAddAdminAgent.java:333)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.softwareag.arg.cockpit.agent.impl.AgentJava.main(AgentJava.java:498)
Caused by: com.softwareag.tamino.db.API.accessor.TXQueryException( message: Authorization failed. Invalid userId and password!, version: 8.2.1.0.4, java: 1.6.0_24, os: Windows 2003 5.2 ):

at com.softwareag.tamino.db.API.accessor.TStreamAccessorImpl.xquery(Unknown Source)
at com.softwareag.tamino.db.API.accessor.TXMLObjectAccessorImpl.xquery(Unknown Source)
at com.centrasite.smh.AdminUserCreator.isAccessGranted(AdminUserCreator.java:203)
… 10 more
Caused by: com.softwareag.tamino.db.API.invocation.TInvocationRetryHandlerException( message: Retry after invoke failed., version: 8.2.1.0.4, java: 1.6.0_24, os: Windows 2003 5.2 ):

at com.softwareag.tamino.db.API.invocation.TAbstractInvocation.retryAfterInvoke(Unknown Source)
at com.softwareag.tamino.db.API.invocation.TAbstractInvocation.doTemplateInvoke(Unknown Source)
at com.softwareag.tamino.db.API.invocation.TAbstractInvocation.invoke(Unknown Source)
at com.softwareag.tamino.db.API.accessor.TAbstractAccessor.invoke(Unknown Source)
… 13 more
Caused by: com.softwareag.tamino.db.API.invocation.TAuthorizationException( message: Authorization failed. Invalid userId and password!, version: 8.2.1.0.4, java: 1.6.0_24, os: Windows 2003 5.2 ):

at com.softwareag.tamino.db.API.invocation.http.THTTPInvocation.verifyAuthorizationResult(Unknown Source)
at com.softwareag.tamino.db.API.invocation.http.THTTPInvocation.doInvokeReal(Unknown Source)
at com.softwareag.tamino.db.API.invocation.http.THTTPInvocation.doInvoke(Unknown Source)
… 16 more

Any recommendations to fix the problem.
Thank you.

Douglas_Kelly · January 10, 2013, 6:49am

this isn’t enough information to give a response…

Have you used the SSXLDAPValidator? It’s available from Empower (https://empower.softwareag.com/Products/DownloadComponents/default.asp) - Products > Download Components > CentraSite. It’s helpful for figuring out your LDAP (including AD) configuration and once its verified, it can update your LDAP configuration in SMH for you.

If you are still having problems, you’ll need to describe your LDAP configuration - you might want to open a support request.

One item: is your AD domain called “DOMAIN”? The domain you put in your LDAP configuration under SMH has to match the AD domain…

Jorge_Luis · January 10, 2013, 3:48pm

Friend,
Here attached a picture of the setting in the SMH (System Management in the tab) for integration with Active Directory

Shmuel_Coller · January 10, 2013, 4:09pm

We in Global Support handle such cases, some times with R&D help.

We use as mentioned LdapSsxValidator and LDAP Browser during such session between Customer and Global Support.

The session to solve these kinds is details intensive. We may even decide to access Active Directory as OpenLDAP repository.

Please open Support Ticket,

Shmuel Coller
webMethods Global Support EMEA

system · January 10, 2013, 5:39pm

Hi
Please consider in any case to use the LDAP interface to MS AD, as the native
AD support is deprecated and will be removed in 9.0

Thanks
Daniel

Jorge_Luis · January 10, 2013, 7:47pm

Ok, thanks for the suggestions.
Make the change to the configuration of LDAP and now this is the result. See attached image.

My question is: how I can authorize or assign the relevant user groups Administrator is taken from Active Directory

Of course, thanks for your support

system · January 10, 2013, 8:13pm

As which user are you logged into SMH?
Are you using Adminstrator or INTERNAL/Administrator for logging into SMH or some other user?
To me it seems you are using a non admin user.

Daniel

Jorge_Luis · January 10, 2013, 8:27pm

After changing the settings on the Authentication Configurations for LDAP, the admin user can log in the SMH as follows:
Administrator@domain.com

Topic		Replies	Views
LDAP connection webMethods , CentraSite , API-Management	9	5266	April 2, 2021
LDAP Administrator User Is not authorized in Centrasite webMethods , CentraSite , API-Management	5	2205	April 2, 2021
CentraSite CE - Unable to login to CentraSite Control webMethods , CentraSite , API-Management	7	2604	April 2, 2021
How to get users from the configured LDAP Authentication webMethods , CentraSite , API-Management	13	7176	April 2, 2021
Define Active Directory authentication in CS 9.7 webMethods , CentraSite , API-Management	2	1009	April 2, 2021

Error CentraSite and Active Directory integration

Related Topics