Common user authentication issues from device

  • Document ID:7012048
  • Creation Date:29-Mar-2013
  • Modified Date:26-Jun-2014
    • Micro Focus Products:
      ConsoleOne
      GroupWise
      GroupWise Mobility Service

Environment

Novell Data Synchronizer Mobility Pack
Novell Data Synchronizer Connector for Mobility

Situation

Cannot authenticate user from device.
User account fails with authentication failure.
Unable to login as user from device.

Resolution

There are many possible reasons for failed user authentication. There are keywords in the mobility-agent log file when the Logging Level is set to 'Debug' from WebAdmin. For WebAdmin authentication issues, see TID 7012649.

Please follow the steps below to check the logs for keywords:
  1. See TID 7015282  - How to install dsapp on a Mobility server.
    Note: Once dsapp is loaded, proceed with the steps below.
  2. Select User Issues
  3. Select User Authentication Issues
  4. Provide the UserID of the suspected user.
    Note: Relevant authentication issues are returned, as well as steps for potential solutions. The entire log file /var/log/datasync/connectors/mobility-agent.log is checked for any authentication errors. In order to start with a clean slate, backup or delete this log file before running the dsapp check again, otherwise, the same issue will be reported again.


Note: If any changes are made to the GroupWise or DataSync system,
consider restarting Mobility to refresh any possible caching.


Additional Information

Monitor the Mobility log file for the authentication error:

  1. From a terminal window, type:
    • cd /var/log/datasync/connectors
    • Check the log file:
      • Mobility version 2.0+ and above:
        tail -f mobility-agent.log | grep -i <userID>
      • Mobility version 1.2.5 and below:
        tail -f default.pipeline1.mobility-AppInterface.log | grep -i <userID>Note: replace '<userID>' with the userID of the user having authentication troubles.
    • Attempt connecting from the device, and watch logs for activity.

  2. Below is a list of keywords identifying possible authentication issues (cause - error message):
    • User locked, expired, disabled - "authentication problem"
         Check the following from ConsoleOne:
      • Properties of the user
      • Restrictions tab
      • Password Restrictions, Login Restrictions, Intruder Lockout
    • Incorrect password - "Failed to Authenticate User"
         To change Mobility Connector Authentication Type (eDirectory/LDAP or GroupWise):
         To change GroupWise password:
      • Properties of the user
      • GroupWise tab | Account
      • Change GroupWise Password
         To change LDAP/eDirectory password:
      • Properties of the user
      • Restrictions Tab | Password Restrictions
      • Change Password
    • Password expired - "Password expired for user... returning failed authentication"
      • Properties of user
      • Depending on Authentication Type:
        • (eDirectory/LDAP) Select the  Restrictions tab | Login Restrictions
        • (GroupWise) Select the GroupWise tab | Account
      • Expiration Date
    • Initial Sync - "Connection Blocked"
      • The user's initial sync has not yet finished, or has failed.
      • Verify the user's status in the Mobility Monitor page. Devices will be blocked until the user has been successfully synced.
    • Communication problem - "Can't contact LDAP server"
      • Mobility cannot contact LDAP server. Check LDAP settings in WebAdmin.

  3. Restart DataSync to refresh cache:
    • From a terminal window, enter:
      rcdatasync restart