SSL Failure - Unable to Log In - December 22, 2000

Symptom: Users trying to log in with SSL Proxy Authentication are unable to, and get back the error message:

"Login failed. Please try again""

SSO (Proxy Authentication with CLNTRUST) is working fine. The users are typing in the fully-distinguished user ID + tree name, as in:

userid.ou.o.tree, and it still doesn't work.

Solution: Delete the Login Policy Object (LPO) from the Security container. Then, find the lpocache.dat in the SYS:SYSTEM directory of the BorderManager server and delete it. Finally, reboot the server.

Note: The LPO may be necessary when configuring Client-Site VPN on a BorderManager 3.5 server. You definitely need an LPO for ActivCard / RADIUS. However, the LPO normally does not stop SSL Proxy Authentication, so you should be able to get both SSL and the LPO to co-exist. Probably deleting and recreating it will solve the problem above. Be aware that you may need to create the LPO with theADMIN user, not an admin-equivalent user ID for it to work properly.



Return to the Main Page