|Applies To||RSA Product Set: Web Threat Detection|
RSA Product/Service Type: Forensics
RSA Version/Condition: 4.6, 5.x, 6.x
|Issue||A single user cannot authenticate to the Forensics User Interface (FUI). The Customer is using LDAP authentication. No other users are affected.|
Example Customer Case:
There is one user that cannot authenticate to the FUI and we don’t know what’s happening. First we were using local authentication and the user's account was locked after trying wrong passwords 4 times. In the meantime, we enabled LDAP Authentication and this user ID exists in LDAP. When the user tried to authenticate the first time (authentication order: LDAP, WTD), he was prompted to create a new password in the FUI. Changing the password did not work. We presumed that the password changes only happen in the local user database, so we tried to reset the user’s local password. The behavior was still the same, i.e., a new password being asked for in the FUI login screen. – NOTE: Only LDAP is set in authentication methods. We tried to recreate the user, but it did not change the behavior. We tried disabling LDAP and enabling only local (WTD) authentication. The user could change his password and successfully log in. After that we changed authentication back to LDAP only and the user authenticated but couldn’t log in, because WTD asked him to change his password.
|Cause||The Customer was using the same user to bind to LDAP and subsequently to log in to the WTD FUI.|
|Resolution||The Customer should not use the user ID that binds to LDAP as a regular WTD user and expect to be able to log in. They will need to create one user in the LDAP directory exclusively for the binding and a separate user for logging in to the WTD FUI.|