This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
GeorgeNathaniel
Beginner
Beginner
‎2016-10-20 10:34 AM

AD authentication for Self Service, help needed

Having issues getting AD Authentication to work with AM Prime Self Service authentication.  Getting the following error:

"Login failed because of Unexpected Error occured while authenticating with LDAP : authentication status was 9"
Can't find any documentation anywhere to help with troubleshooting.
Thanks
Labels (1)
0 Likes
Reply
4 Replies
EdwardDavis
Employee
Employee
‎2016-10-20 04:33 PM

You should open a support case for this... as working on AM Prime issues in a forum like

this is not ideal and may 'reveal too much' about things that should remain private. It is your

network and setup, and AM Prime is usually customized for each install.

 

Not the same as 'out of the box software' like RSA Authentication Manager where everyone

has essentially the same basic setup.

 

But you can do basics like verify the password policy for the service accounts on the RSA server

are not expired or need to change, as well as do an LDAP bind with AD explorer using the LDAP service

account configured in the properties file and verify the account works.


The ssp.properties file, there’s an LDAP section which has the configured password for LDAP administrator.

Reply
GeorgeNathaniel
Beginner
Beginner
‎2016-10-20 04:37 PM

Gotcha, thx

0 Likes
Reply
GeorgeNathaniel
Beginner
Beginner
‎2016-10-20 05:08 PM

the ssp.properties file is what I was looking for, seeing a bunch of parameters I need to look at... thanks again.

0 Likes
Reply
SeanDoyle
Trusted Contributor Trusted Contributor
Trusted Contributor
‎2016-10-21 12:30 PM

The LDAP URL and credentials for direct AD auth are found in the ssp.properties file. It sounds if the AD credential used for looking up the userDN and checking the AD account status may have been locked or has an expired password.. could also be the SSP bind account to AM has an expired credential as well. Examination of the ssp_daily.log will probably indicate what exactly is wrong.

 

Open a ticket for support.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.