Community

LDAP Authentication Err: Failed to compute the privilege for the user. socket closed

7832
18
03-08-2013 04:23 AM
WillWhite1
by
New Contributor
‎03-08-2013 04:23 AM
Hi All

I'm wondering if anyone has thoughts on an issue I am having with ArcGIS Server 10.1 SP1.

I am managing users via an LDAP server. If I am accessing mapservices or indeed Manager/Admin Directory from a browser, following after a period of inactivity (2 hours I think) I am unable to re-authenticate. I get a message saying that the user doesn't have permission to access. I need to clear the browser cache, or re-open the browser/clear cache in order to be able to re-authenticate.

In the server logs I am getting:

"Failed to compute the privilege for the user '<user>'. <ldapserver>:<port>; socket closed"

I dont think there are any firewalls between my ArcGIS Server and the LDAP server.

I am using a webadaptor, with web authentication.

Any thoughts on how to either extend this time out or remove it all together?

Thanks in advance

Will
0 Kudos
18 Replies
BubbaHey
by
Occasional Contributor III
‎03-08-2013 11:12 AM
Does the username contain a comma or other non-standard character? IF so, there is a bug on this, remove the character
0 Kudos
WillWhite1
by
New Contributor
‎03-12-2013 04:57 AM
Does the username contain a comma or other non-standard character? IF so, there is a bug on this, remove the character


Thanks for your suggestion: It contains a couple of hyphens: ie a bit like this "abcde-f-ghi". Is this considered a non-standard charater?
0 Kudos
BubbaHey
by
Occasional Contributor III
‎03-13-2013 10:04 AM
That should be fine.  Did you find a resolution?
0 Kudos
JustinRodriguez
by
Occasional Contributor
‎03-13-2013 11:05 AM
I think this is just saying that the user isn't found. First, does windows authentication work at the GIS Tier? Thanks-
0 Kudos
WillWhite1
by
New Contributor
‎03-14-2013 09:00 AM
I think this is just saying that the user isn't found. First, does windows authentication work at the GIS Tier? Thanks-


Thanks for your comments. I've not tried GIS Tier Authentication - would this model support Windows Authentication?

I'm investigating increasing the TCP timeout to see if this helps.
0 Kudos
JustinRodriguez
by
Occasional Contributor
‎03-14-2013 09:05 AM
Hello again,
No GIS Tier does not support the Windows Authentication, but you can use Windows to Authenticate. It would be a way to tell if the issue is on the server side or the web tier side. Thanks-

Justin
0 Kudos
BubbaHey
by
Occasional Contributor III
‎04-02-2013 06:50 AM
I agree with Justin, try GIS. The only advantage (really) with Web Tier is single sign-on. Problem is it limits you, and I've seen problems publishing using Web tier.
0 Kudos
NathanSommers
by
New Contributor III
‎07-17-2013 06:58 AM
Good Morning,

I too have this same issue and I was wondering if you have found a solution to this problem.  In my instance I have found that the user group the user is a member of has lost all privileges for a specific service.  Once I go into ArcGIS Manager and restore the permissions for that user group all is well.  I do not however have any idea as to why the permissions get removed in the first place.  Any thoughts would be greatly appreciated.

Thanks,
Ian
0 Kudos
JamesCameron1
by
New Contributor II
‎08-13-2013 06:43 PM
I too am having this issue.....

We have a large AD with a large number of groups.... I wonder if it is a Kerberos token size issue......

This issue sound kind of like it http://support.esri.com/en/bugs/nimbus/TklNMDg2ODA3

Apart from I am using 10.2 so it should be resolved....

Had the same issue on upgrade and fresh install (on a new OS).....
0 Kudos