000021819 - Error: 'No User Password in DB' on log monitor with RSA Authentication Manager

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021819
Applies ToRSA Authentication Manager 6.x
RSA Authentication Agent 6.x
IssueError: "No User Password in DB" on log monitor with RSA Authentication Manager
Error: "Agent Request for Passwd denied" on log monitor

Error: "Offline-Auth Request Granted" on log monitor
Password integration is not working. Windows password is not being updated in ACE/Server.
ResolutionPassword update in RSA Authentication Manager can be forced by changing the user password. On Authentication Manager administration, verify if the Agent host is enabled with Windows password integration. Also, verify if the password integration is enabled at system level in 'Edit system parameters' window by navigating to ACE/Server Database Administration --> System --> Edit System parameters --> Check the box "Enable Windows password integration at system level".

Refer to the RSA Authentication Manager 6.0 Administration Guide, page 59-61 for details on Offline Authentication and Password Integration

On the client machine, verify if the challenge is set to a group, and make sure the user in question is a member of that group.

Then, force the Password update in ACE/Server database by performing the following steps:

1. Assign a token to user

2. Perform test authentication using that token

3. Log in as user with that token

4. You will then be prompted for Windows password. Type the Windows password. Authentication should be successful.

5. If you are successful, ACE/Server log shows "No user password in DB" message on the log monitor

6. Ctrl-Alt-Del --> Select Change Password. Change the user password

7. Notice the ACE/Server log - "Password updated". The message will be preceded by the IP address of the Agent host machine; verify that it is correct.

8. Log off and log in again as the same user. You will be prompted with SecurID only, and you will be able to login without typing Windows password. 
Legacy Article IDa25243