Skip to main content

 

Druva Documentation

Unable to login to inSync Web or activate inSync client using AD credentials

Overview

This article provides the troubleshooting steps for login failure issue using AD credentials.

Traceback

When we try to activate a client or login to web with AD credentials, it will give a general error : Invalid credentials (#10000005f).  

You will see the following error message logged at C:\inSyncADConnector\inSyncADConnector.log (where AD connector is installed) every time a user tries to login/activate.

[2015-07-23 15:24:49,963] [DEBUG] Error <class 'ldap.INVALID_CREDENTIALS'>:{'info': '80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 531, v1db1', 'desc': 'Invalid credentials'}. Traceback -Traceback (most recent call last):

  File "Srv\inSyncADConnectorRPC.pyc", line 72, in connect_ad

  File "ldap\ldapobject.pyc", line 208, in simple_bind_s

  File "ldap\ldapobject.pyc", line 469, in result3

  File "ldap\ldapobject.pyc", line 476, in result4

  File "ldap\ldapobject.pyc", line 99, in _ldap_call

INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 531, v1db1', 'desc': 'Invalid credentials'}

[2015-07-23 15:24:49,963] [ERROR] Error <class 'inSyncLib.inSyncError.SyncError'>:Invalid credentials (#10000005f). Traceback -Traceback (most recent call last):

  File "inSyncLib\inSyncRPCServer.pyc", line 95, in call_method

  File "inSyncLib\inSyncRPCBase.pyc", line 1057, in call_method

  File "Srv\inSyncADConnectorRPC.pyc", line 81, in connect_ad

SyncError: Invalid credentials (#10000005f)

Cause

  • This error message is due to the setting "Allow user to log on to a specified computer" in Active Directory. This setting restricts the user to logon to only a specified computer.
  • There might be a mismatch in the attribute of AD Mapping and users summary information.

Resolution 1

  1. To resolve this issue go to your Active Directory server. Open the User and Computers snap in. Go to the container where failed user resides.  

Active_Directory_Users_Computers.png

  1. Right click user and go to properties.  Select the Account tab.

TestUserProperties.png

  1. Select "Log on to..." and remove computer from "The following computers" section or select All Computers option and click OK.

LogonWorkstations.png

  1. Try to activate the user/login to inSync web and the authentication should succeed.

Reference Article:         

https://support.software.dell.com/kb/sw8359

Resolution 2

We need to ensure AD username field should match the UPN of the user in the AD. The UPN of the user can be found under the "Account" tab in the AD for user properties.