AnsweredAssumed Answered

Solution:Could not initialize class com...discovery.security.manager.." w/Active Dir

Question asked by rastrauch Champion on Jul 31, 2012
Latest reply on Sep 3, 2013 by junius73
Problem: When using ArcGIS Server 10.1 with the Active Directory as the Security Data Store and a domain account to access the Active Directory users, if you update/change the password for the domain account, you may get a SEVERE error in the ArcGIS Server Logs:
  "Unable to process request. Could not initialize class com.esri.arcgis.discovery.security.manager WebSecurityManager"

and a similar error when trying to access the REST endpoint (via http://<server>/arcgis/rest/services) - - sorry, can't give exact error right now since I have fixed the problem on my machine and I didn't capture the error.

Suggested Solution: ArcGIS Security is currently storing the password for the domain acount.   To fix the problem 1) short term: re-run the Configurations Settings (in AGS Maanger), and supplying the new password.  This would need to be done every time the password is changed;
2) long term: use a domain account that doesn't require the pasword to change.  Use this account/password in the Configurations Settings.  Per Greg Ponto, this is also called a "service account", for those of us that aren't the active directory domain administrators (i.e. me).

Whether this will come out as a knowledge base, in help or behavior changed in a service pack is yet to be determined. It doesn't sound like it is a bug, but more of how the active directory security works.  Maybe this will help others until the KB/help are updated.

This may also affect the ldap store version, but I haven't tested since I am not using that method.

Outcomes