Environment:
SOI 3.3
EEM 12.51
Problem:
EEM is integrated with Microsoft Active Directory, this configuration is working as expected. In the SOI Console, added couple of AD users to Administrator group.
But none of the AD users are unable to access SOI UI and getting Authentication failure errors.
In the \SOI\SamUI\logs\soiuis-debug.log shows below exceptions...
eem.EEMSSOContext.authenticateWithPassword(283) - [Authenticate Error: Authentication Failed, Identity Attempted: <DomainName\UserFirstname.LName] com.ca.eiam.SafePasswordException: EE_AUTHFAILED Authentication Failed
eem.EEMSSOContext.authenticateWithPassword(299) - EEMSSOContext::authenticateWithPassword - EEM Exception while authenticating...
EE_BADOBJECT Bad Object[resource=/sam/ui/index.jsp][username=<DomainName\UserFirstname.LName]
eem.EEMSSOContext.authenticateWithPassword(303) - [] com.ca.eiam.SafeException: EE_BADOBJECT Bad Object
Resolution:
1) Logon to EEM UI -> Configure -> User Store -> "Reference from an external LDAP Directory"
2) If "Microsoft Active Directory Forest" option is selected, then SOI users cannot be authenticated (see attached screenshot)
3) Change this option to "Basic LDAP Directory" (see attached screenshot)
4) Now, all AD users will be able to access SOI UI