000017869 - User unable to login to RSA Security Analytics user interface with Active Directory authentication

Document created by RSA Customer Support Employee on Jun 14, 2016. Last modified by RSA Customer Support Employee on Apr 22, 2017.
Version 2

Article Content

Article Number: 000017869
Applies To: RSA Security Analytics, Active Directory
Issue: User unable to log in to RSA Security Analytics user interface with Active Directory authentication.
Some users can log in to the Security Analytics user interface, whereas some users cannot.

Error messages similar to the following are found in the /var/lib/netwitness/uax/logs/sa.log file:



2014-05-22 18:11:44,408 [qtp674902259-3216] ERROR com.rsa.netwitness.carlos.security.authentication.ad.PermissiveActiveDirectoryLdapAuthenticationProvider - Failed to locate directory entry for authenticated user: domain/username


2014-05-22 18:11:55,657 [qtp674902259-3637] ERROR com.rsa.netwitness.carlos.security.authentication.ad.PermissiveActiveDirectoryLdapAuthenticationProvider - Failed to locate directory entry for authenticated user: username@domain



User cannot log in to the Security Analytics user interface with Active Directory authentication.
Cause

SA takes the username, appends the domain configured in SA, and authenticates with the resulting UPN (user@domain). If the domain name configured on Security Analytics differs from the domain name on Active Directory, authentication fails and the above error is logged.


For example, if the domain on SA is 'na.company.com' and the user logon name on Active Directory is 'user@company.com', authentication fails because the domain names do not match.
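
To confirm this cause from the log, the following added example (not RSA code) scans sa.log lines for the error quoted above and counts the identities whose domain part differs from the UPN suffix used in Active Directory. It assumes the domain shown in the logged identity is the one configured in SA; the function names, the user names and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Error text as quoted from sa.log in this article; the identity is the last token.
FAILURE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d+ .*"
    r"PermissiveActiveDirectoryLdapAuthenticationProvider - "
    r"Failed to locate directory entry for authenticated user: (?P<ident>\S+)\s*$"
)

def split_identity(ident):
    """Return (user, domain) for 'user@domain' or 'domain/user'; domain is lowercased."""
    if "@" in ident:
        user, domain = ident.rsplit("@", 1)
    elif "/" in ident or "\\" in ident:
        domain, user = re.split(r"[/\\]", ident, maxsplit=1)
    else:
        user, domain = ident, ""          # bare username, nothing to compare
    return user, domain.lower()

def mismatched_logins(lines, ad_upn_suffix):
    """Count failed identities whose domain differs from the AD UPN suffix.

    Assumption: the logged domain is the one configured in SA.
    """
    expected = ad_upn_suffix.lower()      # DNS names compare case-insensitively
    hits = Counter()
    for line in lines:
        m = FAILURE.match(line)
        if not m:
            continue                      # unrelated log line
        user, domain = split_identity(m.group("ident"))
        if domain and domain != expected:
            hits[(user, domain)] += 1
    return hits

# Constructed sample in the sa.log format shown above (not real log data).
_PFX = ("ERROR com.rsa.netwitness.carlos.security.authentication.ad."
        "PermissiveActiveDirectoryLdapAuthenticationProvider - "
        "Failed to locate directory entry for authenticated user: ")
SAMPLE_LOG = [
    "2014-05-22 18:11:44,408 [qtp674902259-3216] " + _PFX + "na.company.com/jdoe",
    "2014-05-22 18:11:55,657 [qtp674902259-3637] " + _PFX + "jdoe@na.company.com",
    "2014-05-22 18:12:03,101 [qtp674902259-3640] INFO some.other.Logger - heartbeat",
    "2014-05-22 18:12:10,220 [qtp674902259-3641] " + _PFX + "asmith@company.com",
]

if __name__ == "__main__":
    for (user, domain), n in mismatched_logins(SAMPLE_LOG, "company.com").items():
        print(f"{user}: {n} failure(s) with domain '{domain}', AD suffix is 'company.com'")
```

On the appliance, pass the lines of /var/lib/netwitness/uax/logs/sa.log and the UPN suffix from the user's Active Directory logon name instead of the sample values.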

Resolution: Change the domain name in the Security Analytics interface at Admin > System > Security > Settings > Active Directory Configuration to match the correct domain on Active Directory.
Legacy Article ID: a66225
