This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Internal Server Error displays when logging in to the RSA SecurID Access portal

Article Number

000033794

Applies To

RSA Product Set: SecurID Access
RSA Product/Service Type: Identity Router
 

Issue

"Internal Server Error" is displayed in the browser when logging into the portal.

Cause

"Internal Server Error" is a non-specific message that indicates a technical problem occurred that prevented RSA SecurID Access from responding to a request.  More information is usually recorded in the RSA SecurID Access system log.

If this error is seen when the user is logging into the Portal, it is likely because of a problem connecting to the LDAP or Active Directory (AD) server being used to authenticate the user. Some common causes for a technical issue preventing authentication with LDAP/AD are:
  • A network outage or error between the Identity Router (IDR) and the LDAP or AD server.
  • Misconfigured DNS entry for the LDAP or AD server.
  • The LDAP or AD server is not configured correctly in the RSA SecurID Access Administration Console.
  • Invalid credentials (user ID and/or password) configured for LDAP/AD in the RSA SecurID Access Administration Console.

Resolution

Check the RSA SecurID Access IDR system logs for events at the time of the "Internal Server Error" message, that may indicate the reason for the issue.  An example is: 
2016-08-12/14:58:51.538/UTC [ajp-apr-8009-exec-9] WARN  com.symplified.service.shared.authnengine.AuthenticationEngineImpl[90] - 
Error occurred while trying to authenticate against user store <store-name> com.symplified.adapter.api.userstore.ldap.LdapUserStoreException: 
Failed to create initial dir context for LDAP connection. LDAP server is '<server-fqdn-or-ip>' principal is '<user id>'. 
CAUSE: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data 52e, v2580]

In this case "LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data 52e, v2580" is a Microsoft Active Directory error message, indicating a likely problem with the AD credentials configured in RSA SecurID Access, possibly a password issue.  Contact Microsoft Support if assistance is needed with troubleshooting Active Directory errors.

Instructions to how to view the RSA SecurID Access IDR system log are at available on RSA Link (View the Identity Router System Log and Generate and Download an Identity Router Log Bundle).  Note that if you have several IDRs behind a load balancer, you may have to check the logs for all the IDRs to find the relevant event message(s).

If logged event messages indicate an LDAP/AD issue, check your LDAP/AD configuration in RSA SecurID Access for errors.  See the RSA Via Access Help, sections under Identity Sources, for information about configuring LDAP/AD in RSA SecurID Access.  
0 Likes
Was this article helpful? Yes No
100% helpful (1/1)

In this article

Version history
Last update:
‎2020-12-13 06:10 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.