1 2 Previous Next 20 Replies Latest reply on Apr 6, 2020 12:15 PM by mrbassplayer_com

    VCSA 6.7U1 AD Login not possible anymore

    D3m4dm Novice

      Hi all,

       

      I've got an VCSA 6.7u1 11726888. Installed in January 2019. I joined directly to a Windows Domain and added the Identity.

      Everything works fine up to now.

      If I want to login with AD Credentials I get the error: Invalid Credentials.

      Login with vsphere.local User works fine.

       

      Leave the Domain and Join again did not solve the problem.

      In the Firewall is nothing blocked to the Domain.

      dig SRV _ldap._tcp.my.domain locks also very good

       

      Does anyone have an idea?

       

       

      Alexander

        • 1. Re: VCSA 6.7U1 AD Login not possible anymore
          Gidrakos Hot Shot

          I ran into something similar - did you upgrade/convert from a vCenter to VCSA?

           

          Have you tried the new, embedded Windows authentication? For a while, I was able to get that working but not putting in AD credentials manually.

           

          You can get a bit more detail on joining the domain and controlling Identity Sources by using the VCSA terminal. The tools are in /opt/likewise/bin.

          • 2. Re: VCSA 6.7U1 AD Login not possible anymore
            D3m4dm Novice

            It was an fresh installation in January and no Upgrade.

            I joined the domain with /opt/likewise/bin/domainjoin-cli join

            And in the vCenter under configuration--> AD Domain everything looks fine. Than added the Identity source and reboot, but nothing works now.

            As I sad. From January up to yesterday everything works fine and without changes it doesn't work now.

             

            I can't test the embedded Windows auth because my client is not in the same Doamin.

            • 3. Re: VCSA 6.7U1 AD Login not possible anymore
              IRIX201110141 Master

              Just to be clear

              - You succesfully joined VCSA to your Windows AD

              - You rebootet the VCSA

               

              and than you have grand permissions to the user accounts/groups you would like to use within vCenter?

               

              Btw: VMware Support suggest to use the LDAP to WindowsAD rather than the direct WindowsAD integration when we got Problems last time.

               

              Regards

              Joerg

              • 4. Re: VCSA 6.7U1 AD Login not possible anymore
                D3m4dm Novice

                Absolutely right

                • 6. Re: VCSA 6.7U1 AD Login not possible anymore
                  D3m4dm Novice

                  The Connection to the Domaincontrollers works fine.

                  I can add new User Permissions and the Domain search for users works also.

                  So the connection is good.

                  • 7. Re: VCSA 6.7U1 AD Login not possible anymore
                    sjesse Master
                    User ModeratorsvExpert

                    What permissions did you give the user you are using to login with?

                    • 8. Re: VCSA 6.7U1 AD Login not possible anymore
                      D3m4dm Novice

                      The Administrator Role in global Permissions

                      • 9. Re: VCSA 6.7U1 AD Login not possible anymore
                        sjesse Master
                        vExpertUser Moderators

                        Don't do global permission, go to the single sign on section, and user and groups. and under groups add your user to administrators. Putting users in that group takes care of the permissions.

                        • 10. Re: VCSA 6.7U1 AD Login not possible anymore
                          AlessandroRomeo68 Master

                          HI,

                           

                          In administration in the Users and Groups section have you enabled SSO access to the user?

                          • 11. Re: VCSA 6.7U1 AD Login not possible anymore
                            D3m4dm Novice

                            sjesse

                            I put the user there also in the admin group but it doesnt work.

                             

                            AlessandroRomeo68

                            What do you mean exactly?

                            • 12. Re: VCSA 6.7U1 AD Login not possible anymore
                              sjesse Master
                              vExpertUser Moderators

                              We will probably need screenshots of all the parts, or you should open an SR and have support look. All you really need to do is what you say you've done to get AD to work.

                              • 13. Re: VCSA 6.7U1 AD Login not possible anymore
                                Gidrakos Hot Shot

                                As we're discussing roughly the same thing here: Cannot login to vCenter 6.7u2 with Domain Credentials

                                 

                                I'd suggest using the CLI to leave the domain, remove the server from AD completely, and use CLi to re-join. Check your websso and ssoAdminServer logs to see what errors are popping up if/when a user is denied access.

                                • 14. Re: VCSA 6.7U1 AD Login not possible anymore
                                  D3m4dm Novice

                                  Now I created a new Domain User and gave him the admin role on the top of vcenter.

                                  If i want to login i get the following in websso.log

                                   

                                   

                                   

                                  [2019-08-30T15:17:15.016+02:00 tomcat-http--4                                                           INFO  com.vmware.identity.SsoController] Welcome to SP-initiated AuthnRequest handler! The client locale is de, tenant is vsphere.local

                                  [2019-08-30T15:17:15.016+02:00 tomcat-http--4                                                           INFO  com.vmware.identity.SsoController] Request URL is https://vc-01.XX.local/websso/SAML2/SSO/vsphere.local

                                  [2019-08-30T15:17:15.054+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 INFO  com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authn request proxyCount= null set isProxying=false

                                  [2019-08-30T15:17:15.060+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 INFO  com.vmware.identity.samlservice.impl.AuthnRequestStateValidator] Authentication request validation succeeded

                                  [2019-08-30T15:17:30.665+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 ERROR com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [XX\YY] for tenant [vsphere.local]

                                  com.vmware.identity.interop.idm.IdmNativeException: Native platform error [code: 851968][null][null]

                                          at com.vmware.identity.interop.idm.LinuxIdmNativeAdapter.AuthenticateByPassword(LinuxIdmNativeAdapter.java:188) ~[vmware-identity-platform-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.provider.activedirectory.ActiveDirectoryProvider.authenticate(ActiveDirectoryProvider.java:289) ~[vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:2990) [vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:9752) [vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.client.CasIdmClient.authenticate(CasIdmClient.java:1263) [vmware-identity-idm-client-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.CasIdmAccessor.authenticate(CasIdmAccessor.java:470) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:95) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:45) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:119) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:40) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.AuthnRequestState.authenticate(AuthnRequestState.java:463) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.BaseSsoController.processSsoRequest(BaseSsoController.java:85) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.SsoController.sso(SsoController.java:100) [websso-7.0.0.jar:?]

                                          at sun.reflect.GeneratedMethodAccessor206.invoke(Unknown Source) ~[?:?]

                                          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]

                                          at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) [servlet-api.jar:?]

                                          at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) [servlet-api.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.SecurityRequestWrapperFilter.doFilterInternal(SecurityRequestWrapperFilter.java:49) [websso-7.0.0.jar:?]

                                          at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.diagnostics.STSLogDiagnosticsFilter.doFilter(STSLogDiagnosticsFilter.java:87) [vmware-identity-diagnostics-7.0.0.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:8.5.32]

                                          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [catalina.jar:8.5.32]

                                          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [catalina.jar:8.5.32]

                                          at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:8.5.32]

                                          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_181]

                                          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_181]

                                          at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.5.32]

                                          at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]

                                  [2019-08-30T15:17:30.673+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 INFO  com.vmware.identity.diagnostics.VmEventAppender] EventLog: source=[VMware Identity Server], tenant=[vsphere.local], eventid=[USER_NAME_PWD_AUTH_FAILED], level=[ERROR], category=[VMEVENT_CATEGORY_STS], text=[SimpleMessage[message=Failed to authenticate principal [XX\YY]. Native platform error [code: 851968][null][null]]], detailText=[Native platform error [code: 851968][null][null]], corelationId=[bc5328b5-b79e-45cf-a438-b21b5c9d0276], timestamp=[1567171050673]

                                  [2019-08-30T15:17:30.673+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 ERROR com.vmware.identity.idm.server.IdentityManager] Failed to authenticate principal [XX\YY]. Native platform error [code: 851968][null][null]

                                  com.vmware.identity.interop.idm.IdmNativeException: Native platform error [code: 851968][null][null]

                                          at com.vmware.identity.interop.idm.LinuxIdmNativeAdapter.AuthenticateByPassword(LinuxIdmNativeAdapter.java:188) ~[vmware-identity-platform-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.provider.activedirectory.ActiveDirectoryProvider.authenticate(ActiveDirectoryProvider.java:289) ~[vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:2990) [vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:9752) [vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.client.CasIdmClient.authenticate(CasIdmClient.java:1263) [vmware-identity-idm-client-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.CasIdmAccessor.authenticate(CasIdmAccessor.java:470) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:95) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:45) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:119) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:40) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.AuthnRequestState.authenticate(AuthnRequestState.java:463) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.BaseSsoController.processSsoRequest(BaseSsoController.java:85) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.SsoController.sso(SsoController.java:100) [websso-7.0.0.jar:?]

                                          at sun.reflect.GeneratedMethodAccessor206.invoke(Unknown Source) ~[?:?]

                                          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]

                                          at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) [servlet-api.jar:?]

                                          at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) [servlet-api.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.SecurityRequestWrapperFilter.doFilterInternal(SecurityRequestWrapperFilter.java:49) [websso-7.0.0.jar:?]

                                          at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.diagnostics.STSLogDiagnosticsFilter.doFilter(STSLogDiagnosticsFilter.java:87) [vmware-identity-diagnostics-7.0.0.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:8.5.32]

                                          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [catalina.jar:8.5.32]

                                          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [catalina.jar:8.5.32]

                                          at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:8.5.32]

                                          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_181]

                                          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_181]

                                          at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.5.32]

                                          at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]

                                  [2019-08-30T15:17:30.675+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 INFO  com.vmware.identity.idm.server.IdentityManager] Authentication failed for user [XX\YY] in tenant [vsphere.local] in [15614] milliseconds with provider [XX.local] of type [com.vmware.identity.idm.server.provider.activedirectory.ActiveDirectoryProvider]

                                  [2019-08-30T15:17:30.675+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 ERROR com.vmware.identity.idm.server.ServerUtils] Exception 'com.vmware.identity.idm.IDMLoginException: Native platform error [code: 851968][null][null]'

                                  com.vmware.identity.idm.IDMLoginException: Native platform error [code: 851968][null][null]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:3100) ~[vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:9752) [vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.client.CasIdmClient.authenticate(CasIdmClient.java:1263) [vmware-identity-idm-client-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.CasIdmAccessor.authenticate(CasIdmAccessor.java:470) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:95) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:45) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:119) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:40) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.AuthnRequestState.authenticate(AuthnRequestState.java:463) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.BaseSsoController.processSsoRequest(BaseSsoController.java:85) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.SsoController.sso(SsoController.java:100) [websso-7.0.0.jar:?]

                                          at sun.reflect.GeneratedMethodAccessor206.invoke(Unknown Source) ~[?:?]

                                          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]

                                          at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) [servlet-api.jar:?]

                                          at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) [servlet-api.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.SecurityRequestWrapperFilter.doFilterInternal(SecurityRequestWrapperFilter.java:49) [websso-7.0.0.jar:?]

                                          at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.diagnostics.STSLogDiagnosticsFilter.doFilter(STSLogDiagnosticsFilter.java:87) [vmware-identity-diagnostics-7.0.0.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:8.5.32]

                                          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [catalina.jar:8.5.32]

                                          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [catalina.jar:8.5.32]

                                          at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:8.5.32]

                                          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_181]

                                          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_181]

                                          at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.5.32]

                                          at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]

                                  [2019-08-30T15:17:30.676+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 ERROR com.vmware.identity.samlservice.impl.CasIdmAccessor] Caught exception.

                                  com.vmware.identity.idm.IDMLoginException: Native platform error [code: 851968][null][null]

                                          at com.vmware.identity.idm.server.ServerUtils.getRemoteException(ServerUtils.java:123) ~[vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.server.IdentityManager.authenticate(IdentityManager.java:9756) ~[vmware-identity-idm-server-7.0.0.jar:?]

                                          at com.vmware.identity.idm.client.CasIdmClient.authenticate(CasIdmClient.java:1263) ~[vmware-identity-idm-client-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.CasIdmAccessor.authenticate(CasIdmAccessor.java:470) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:95) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStatePasswordAuthenticationFilter.authenticate(AuthnRequestStatePasswordAuthenticationFilter.java:45) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:119) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.impl.AuthnRequestStateCookieWrapper.authenticate(AuthnRequestStateCookieWrapper.java:40) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.samlservice.AuthnRequestState.authenticate(AuthnRequestState.java:463) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.BaseSsoController.processSsoRequest(BaseSsoController.java:85) [websso-7.0.0.jar:?]

                                          at com.vmware.identity.SsoController.sso(SsoController.java:100) [websso-7.0.0.jar:?]

                                          at sun.reflect.GeneratedMethodAccessor206.invoke(Unknown Source) ~[?:?]

                                          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]

                                          at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) [servlet-api.jar:?]

                                          at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) [spring-webmvc-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) [servlet-api.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.SecurityRequestWrapperFilter.doFilterInternal(SecurityRequestWrapperFilter.java:49) [websso-7.0.0.jar:?]

                                          at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.9.RELEASE.jar:4.3.9.RELEASE]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at com.vmware.identity.diagnostics.STSLogDiagnosticsFilter.doFilter(STSLogDiagnosticsFilter.java:87) [vmware-identity-diagnostics-7.0.0.jar:?]

                                          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:8.5.32]

                                          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [catalina.jar:8.5.32]

                                          at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) [catalina.jar:8.5.32]

                                          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [catalina.jar:8.5.32]

                                          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [catalina.jar:8.5.32]

                                          at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471) [tomcat-coyote.jar:8.5.32]

                                          at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:8.5.32]

                                          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_181]

                                          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_181]

                                          at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.5.32]

                                          at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]

                                  [2019-08-30T15:17:30.677+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 ERROR com.vmware.identity.samlservice.AuthnRequestState] Caught Saml Service Exception from authenticate com.vmware.identity.samlservice.SamlServiceException

                                  [2019-08-30T15:17:30.677+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 INFO  com.vmware.identity.samlservice.impl.SAMLAuthnResponseSender] Responded with ERROR 401 message Falscher Benutzername/falsches Kennwort

                                  [2019-08-30T15:17:30.677+02:00 tomcat-http--4 vsphere.local        bc5328b5-b79e-45cf-a438-b21b5c9d0276 INFO  com.vmware.identity.BaseSsoController] End processing SP-Initiated SSO response. Session was created.

                                  1 2 Previous Next