LDAP password authentication failed - Logon failure: unknown username or invalid password when attempting RADIUS authentication with RSA SecurID Access
Originally Published: 2017-06-09
Article Number
Applies To
Issue
LDAP password authentication failed - Logon failure: unknown username or invalid password
The identity router's (IDR) /var/log/radiusj/radius-audit.log also indicates an error similar to:
2017-06-08/20:25:08.404/UTC [RadiusAuditEntryProcessor] INFO RADIUSAUDIT[31] -
----------START_RADIUS_USER_LDAP_AUTHENTICATION----------
EVENTID=RADIUS_USER_LDAP_AUTHENTICATION
DATETIME=Thu Jun 08 20:25:08 UTC 2017
IN_RESPONSE_TO=3482eedb-936a-427b-a56a-48e9ac09d4dc
DESCRIPTION=RADIUS – Unsuccessful LDAP authentication- Please Check User Event monitor for details.
NAS-IP-ADDRESS=192.168.20.100
USER_NAME=jsmith
CLIENT_ID=RADIUS: Cisco ASA
RADIUS_RESPONSE_TYPE=Access-Reject
STATUS=FAIL
REQUEST_ID=3482eedb-936a-427b-a56a-48e9ac09d4dc
POLICY_ID=LowLevel_AllUsers
TENANT_ID=mycompany
----------END_RADIUS_USER_LDAP_AUTHENTICATION----------
The username/password are known to be correct and the identity source has been tested successfully.
Cause
Resolution
Notes
While the IDR-based SecurID Access RADIUS server supports a shared secret length of up to 512 characters and most special characters, RADIUS client devices may have different limitations.
Select shared secrets that are fully supported by the RADIUS devices in your network.
See the Administration Console's on-screen help for the IDR RADIUS Server shared secret requirements.
Related Articles
Multiple RADIUS Requests Result in LDAP Authentication Failure Number of Views RADIUS shared secret limitations of RADIUS clients configured with RSA Authentication Manager Number of Views XML Parsing Error when attempting SP-initiated Single Sign-On with RSA SecurID Cloud Authentication Service Number of Views RSA Via Lifecycle and Governance Workflow fails with error "Illegal TXN State: Attempt to start new transaction during rol… Number of Views ORA-01017: invalid username/password; logon denied . For details refer to "(:CLSN00107:)" when attempting to start the dat… Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
