LDAP password authentication failed - Logon failure: unknown username or invalid password when attempting RADIUS authentication with RSA SecurID Access
Originally Published: 2017-06-09
Article Number
Applies To
Issue
LDAP password authentication failed - Logon failure: unknown username or invalid password
The identity router's (IDR) /var/log/radiusj/radius-audit.log also indicates an error similar to:
2017-06-08/20:25:08.404/UTC [RadiusAuditEntryProcessor] INFO RADIUSAUDIT[31] -
----------START_RADIUS_USER_LDAP_AUTHENTICATION----------
EVENTID=RADIUS_USER_LDAP_AUTHENTICATION
DATETIME=Thu Jun 08 20:25:08 UTC 2017
IN_RESPONSE_TO=3482eedb-936a-427b-a56a-48e9ac09d4dc
DESCRIPTION=RADIUS – Unsuccessful LDAP authentication- Please Check User Event monitor for details.
NAS-IP-ADDRESS=192.168.20.100
USER_NAME=jsmith
CLIENT_ID=RADIUS: Cisco ASA
RADIUS_RESPONSE_TYPE=Access-Reject
STATUS=FAIL
REQUEST_ID=3482eedb-936a-427b-a56a-48e9ac09d4dc
POLICY_ID=LowLevel_AllUsers
TENANT_ID=mycompany
----------END_RADIUS_USER_LDAP_AUTHENTICATION----------
The username/password are known to be correct and the identity source has been tested successfully.
Cause
Resolution
Notes
While the IDR-based SecurID Access RADIUS server supports a shared secret length of up to 512 characters and most special characters, RADIUS client devices may have different limitations.
Select shared secrets that are fully supported by the RADIUS devices in your network.
See the Administration Console's on-screen help for the IDR RADIUS Server shared secret requirements.
Related Articles
Multiple RADIUS Requests Result in LDAP Authentication Failure Number of Views An error occured while attempting to configure the JVM memory setting for RSA Authentication Manager 8.3 Number of Views XML Parsing Error when attempting SP-initiated Single Sign-On with RSA SecurID Cloud Authentication Service Number of Views AFX Server remains in a 'Not running' State, afx status shows 'timed out waiting for AFX applications to start' and esb.AF… Number of Views Error Unable to resolve user by login ID and/or alias, or authenticator not assigned to user when attempting to authentica… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
