Discussions
Categories
Groups
Community Home
Categories
INTERNAL ENABLEMENT
POPULAR
THRUST SERVICES & TOOLS
CLOUD EDITIONS
Quick Links
MY LINKS
HELPFUL TIPS
Back to website
Home
Web CMS (TeamSite)
TeamSite and Active Directory not working together
Bill Klish
TeamSite server:
- Version 6.1 SP1
- Windows 2003 EE
AD Server:
- Windows 2003 EE
The TeamSite server has been added to the TEAMSITE domain that I added to a windows 2003 EE box laying around (it is the domain controller as well).
These servers are located on the same private subnet and I have been able to successfully validate that I can get from the TeamSite server to the AD and query the info using some perl scripts I saw laying around this forum.
This is what I have in my iw.cfg file:
[authentication]
authenticate_by=ldap
ldap_server=192.168.96.152
ldap_port=389
ldap_dnbase=ou=TeamSite,dc=mycompany,dc=com
ldap_key=sAMAccountName
ldap_account=cn=TSAuth,cn=Users,dc=mycompany,dc=com
ldap_pwd=password
I have a user called Admin defined in the TeamSite Organization Unit within my Active Directory. I have not tried to move the roles over yet.
In the login screen, I enter in Admin for username, password, then select professional interface, role editor and TEAMSITE as the domain. After hitting login, I am given back the error: Failure in Operation. I took a look at the servletd_out.log file and it contains the following exception:
2005-10-05 14:28:36,161 [Thread-2] DEBUG com.interwoven.ui.teamsite.auth.CSClientContext () - domain set, full user name is TEAMSITE\Admin
2005-10-05 14:28:36,161 [Thread-2] DEBUG com.interwoven.ui.teamsite.auth.CSClientContext () - authenticating user TEAMSITE\Admin for role editor using password
2005-10-05 14:28:36,176 [Thread-2] ERROR com.interwoven.ui.teamsite.auth.CSClientContext () - Unexpected authentication failure
com.interwoven.cssdk.common.CSException: Admin(Failure in operation)
at com.interwoven.cssdk.access.jni.CSUserJNIServer.beginSessionUsingPassword(Native Method)
at com.interwoven.cssdk.access.jni.AccessServiceAdapterImpl.beginSessionUsingPassword(AccessServiceAdapterImpl.java:45)
at com.interwoven.cssdk.factory.CSLocalFactory.getClient(CSLocalFactory.java:81)
at com.interwoven.ui.teamsite.auth.CSClientContext.createFromPassword(CSClientContext.java:313)
at com.interwoven.ui.teamsite.auth.CSClientContext.create(CSClientContext.java:204)
at com.interwoven.ui.base.impl.context.ContextFactory.createContext(ContextFactory.java:67)
at com.interwoven.ui.base.impl.context.ContextSetImpl.doCreateContext(ContextSetImpl.java:108)
at com.interwoven.ui.base.impl.context.AbstractContextSet.doGetContext(AbstractContextSet.java:331)
at com.interwoven.ui.base.impl.context.AbstractContextSet.getContext(AbstractContextSet.java:295)
at com.interwoven.ui.base.impl.context.AbstractContextSet.getContext(AbstractContextSet.java:255)
at com.interwoven.ui.base.impl.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:194)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at com.interwoven.ui.base.util.SetRequestEncodingFilter.doFilter(SetRequestEncodingFilter.java:105)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2415)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:594)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:392)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:619)
at java.lang.Thread.run(Thread.java:479)
The iwtrace.log file doesn't contain anything, nor does iwserver.log. I added the entry teamsite\Admin to the editor.uid file on the local server.
Oddly, I can still login to the server using the local accounts, even though I didn't specify local as one of the authentication mechanisms.
Any idea what I am doing wrong?
Find more posts tagged with
Comments
Bill Klish
I solved the problem. These servers were created as cloned vmware images and both servers had the same Windows 2003 SID, causing the authentication failure. It is undocumented that authentication fails when SID are the same.
I ran a freeware utility that generates a new SID on my AD server and the problem took care of itself.
