000016646 - AM 8.0 - Disabling ldap as an authentication method under Security Console Authentication Methods causes a failure in Self Service Console access.

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000016646
Applies ToAM 8.0
IssueDisabling ldap as an authentication method for Administrative Console access.

Users unable to access Self-Service Console.
After submitting their user id they get an error message:
"Invalid Request
Sorry, your request cannot be processed at this time. It either has been processed or is bad request."
Cause

To reproduce the issue have the LDAP_Password authentication method set for the Security Console and the Self Service console then remove the option from the Security Console authentication methods and uncheck the box that enables the option to allow that method in the same screen and save the change. This change will not immediately cause a problem with Self Service logins because the old data is in the cache and it takes some time (perhaps up to 30 minutes) for the data to be cleared. You can manually clear it by flushing the cache via the Operations Console (navigate to Maintenance>Flush Cache.) Now when you enter a userID in the Self Service Console and click OK you will get the error as shown below.

"Invalid Request
Sorry, your request cannot be processed at this time. It either has been processed or is bad request."

If you then remove the LDAP_Password authentication option under the Self Service Console settings page and save the change the issue goes away.

ResolutionA fix for this issue has been provided in AM 8.0 Patch1, which is available for download on SCOL.
https://knowledge.rsasecurity.com/scolcms/set.aspx?id=9758
Legacy Article IDa61566

Attachments

    Outcomes