Article Number
000038998
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.1.0, 7.1.1, 7.2.0
Issue
AFX Connectors that obtain their login credentials from CyberArk Password Vault (
Admin >
System >
Password Vault tab) fail with the following error after an AFX restart:
Invalid Credentials
The connector log files ($AFX_HOME/esb/logs) have errors similar to the following (This example is from an LDAP connector):
2020-03-18 17:10:22.695 [INFO] org.mule.lifecycle.AbstractLifecycleManager:193 - Starting connector: httpsConnector-endpoint
2020-03-18 17:10:22.825 [ERROR] org.mule.transport.ldapx.LdapxConnector:361 -
LDAPException: Invalid Credentials (49) Invalid Credentials
LDAPException: Server Message: 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839
LDAPException: Matched DN:
LDAPException: Invalid Credentials (49) Invalid Credentials
LDAPException: Server Message: 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839
LDAPException: Matched DN:
Cause
This is a known issue reported in engineering ticket ACM-104735.
Resolution
This issue is resolved in RSA Identity Governance & Lifecycle 7.2.0 P03.
Workaround
Edit each connector after the AFX restart and save the connector definition. The credentials do not need to be modified, saving the existing connector definition resolves the issue (until the next time AFX is restarted.)
