version 3.3.1 203
Hi Ralf, the report show this error codes on the accounts; what the error codes "1604" and "5753" means ? the working accounts have no error codes, but "true" in the field
04/12/2019 00:30 1604 user1 ldap.xxxx.com LDAP - Active Directory true 263.411 ScheduledJob
01/12/2019 04:00 5753 user2 ldap.xxx.com LDAP - Active Directory true 133.065 ScheduledJob
How can i check the tomcat log ?
thank you
Original Message:
Sent: 12-05-2019 12:37 AM
From: Ralf Prigl
Subject: Password change jobs
Hi Patricio, The first step is to review the Account Passwords Update Attempts report and see at what time the password was attempted to change, and what error code was returned. Then you can check the tomcat log for errors at that time. What release are you running? There was a problem at one point where PAM would regard a password update attempt always as failed if no response came back from Active Directory, w/o checking whether the password in fact changed or not. The most recent releases should have a fix for that particular problem. If you can't figure it out, please open a support case for detailed review.
Original Message:
Sent: 12-04-2019 03:13 AM
From: Patrizio Begni
Subject: Password change jobs
Hi, we have a scheduled job to change the AD password of the target account.
All the target account have permission to change is own password ; every day after the job ran , we have around 20-30 accounts that (randomly) not work anymore due to "unverified" state ; the password that pam have is not alligned with active directory.
Noone other than pam change the password of that accounts...
how can we solve that ?
thank you