I have two 7.1.2 integration servers with exactly the same following configurations:
Same LDAP configuration
Same LDAP groups under “Administrators ACL”
Same extended settings etc.
I can login to both servers using local id. But with the LDAP id, I can login to one but not to the other.
When I check the server.log on second server, it shows:
[ISS.0053.0002C] Access denied for user userName on port 1100 → ‘WmRoot/index.dsp’ from 192.168.1.1
When I purposefully give the wrong password, it shows:
[ISS.0002.0034E] Invalid credentials connecting to ldaps://xyz.ldap.domain.com as uid=userName,ou=deptName,ou=orgName,dc=domain,dc=com
[ISS.0053.0002C] Access denied for user userName on port 1100 → ‘’ from 192.168.1.1.
What that means is, there is no problem authenticating the user in LDAP. But there is some issue in the IS that is not allowing the user to access it.
I think the IS is connecting to the LDAP properly. There are two reasons why I say that:
This is my production server and clients accessing web service on this server are authenticated using LDAP
As I said in my original post, when I give wrong password, I can see “Invalid credentials” message in server log along with “Access denied”. Which means it is connecting to LDAP. But if I give correct password it just shows “Access denied”.
Again, my second server does not have this issue. And these two servers have exactly the same LDAP and ACL configuration.