OppenSSO login Error - Authentication Failed.

[Mo]

We have been using Google Apps with the OpenSSO and it has been working great. However Yesterday afternoon SSO authentication failed for all users. I have rebooted the SSO server and checked all the settings but keep getting following error message

 

I have checked:

1.       User account and  it exist.

2.       Network connectivity between SSO server and (AD) LDAP query was ok

3.       Web service is running (glassfish) thus, users were able to get to the login screen

4.       In this log file (amAuthentication.error), I  noticed below error message

"2011-02-22 18:16:44"           "Invalid Password"          <user>  "Not Available" 10.90.26.21         INFO       dc=opensso,dc=java,dc=net       "cn=dsameuser,ou=DSAME Users,dc=opensso,dc=java,dc=net"       AUTHENTICATION-201  ActiveDirectory "Not Available" 10.90.26.21

 

 

Any recommendations are appreciated.

[Michael Manoochehri]

Mo,

Even though there was network connectivity between the SSO and LDAP
machines (and perhaps you can make queries to the AD LDAP from the
command line?), it still looks like an error with your SSO
implementation not being able to make successful LDAP queries. Can you
confirm that there have been no changes to your ADFS installation?

- Michael

[Mo]

We have not change anything to our domain controllers

[Mo]

Michael,

Is there anything I could do to check ADFS? As I mentioned openSSO was working fine up until yesterday afternoon and all of a sudden it stopped working.  Is there anything I can do to restore the connectivity?

[Michael Manoochehri]

Hi Mo:

We don't directly support ADFS, but I would first check the diagnostics, as described here:

http://blogs.msdn.com/b/card/archive/2010/01/21/diagnostics-in-ad-fs-2-0.aspx

-Michael