Solved

UserID locked or expired for the application on Websphere

Posted on 2009-04-03
21
851 Views
Last Modified: 2013-12-11
Hi,

I have installed an application on Websphere Application Server v6.1. I have enabled the global security and the application security through Admin console  and we are using the Standalone Custom registry.

After 2 months when I try to access the application I am getting an error like

"Your password has expired or you have exceeded the number of login attempts allowed by your administrator.
Your password must be reset. Inform your supervisor. "

Now I am able to access the websphere admin console with the same userID and password but its not working for the application.

I have checked in the DB2 database too where the userids stores for that application, but I coudn't find the parameter called active or inactive for that userid.

Can anyone please help me how I can reset the password for the application installed on websphere.

Thanks,
WASAdmin
0
Comment
Question by:WASAdmin25
  • 12
  • 9
21 Comments
 
LVL 41

Expert Comment

by:HonorGod
ID: 24067123
That sounds like it would be some password validation within the application, not in WebSphere.

Could you uninstall, and reinstall the application?

That might let you set up the userid and password for the application.
0
 

Author Comment

by:WASAdmin25
ID: 24077020
Yes, I can reinstall the application. But thats the last option I will prefer.

Is there any other way we can unlock the password for the application???
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079408
Let me try and find out...  I'll get back to you shortly.
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079420
Can you use the administration console to make configuration changes?
0
 

Author Comment

by:WASAdmin25
ID: 24079523
Yes, I can use the Amin Console for any config changes.

I tried to disable the global security and the application security from the Admin Console and restarted the Dmgr, Node and the App server.

But, still when I try to access the application I am getting an exception like I mentioned earlier

"Your password has expired or you have exceeded the number of login attempts allowed by your administrator.
Your password must be reset. Inform your supervisor. "

is there anything I can make changes to the configuration in websphere???
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079708
That's what I'm trying to check
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079997
ok, it sounds like your LDAP server has some expiry date for the particular user in question.

There is a tool/utility that is attached to this IBM WebSphere technote called LDAPsearch.  Here is a technote that explains how to use the tool to diagnose these kinds of issues:

http://www.IBM.com/support/docview.wss?rs=180&uid=swg21113384

It can be used to verify, what is happening for a specific userid / password combination on the LDAP server.

I'm guessing that the userid has "expired", as far as the LDAP server is concerned, so when attempts are made to authenticate this user, the LDAP server is returning an indication of the situation, and WebSphere is causing the message seen above to be displayed.
0
 

Author Comment

by:WASAdmin25
ID: 24080146
Actually we are not using LDAP registry here but we are using Standalone Custom registry.

Any idea how to deal with Standalone Custom registry???
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24080357
What kind of "Custom" registry?

And, most importantly, (exactly) what version of WebSphere is being used?

To determine this:
- open a command prompt
- "cd" to the <WAS_HOME>\bin directory
  e.g., cd C:\IBM\WebSphere\AppServer\bin
- Use the versionInfo command script to display the product version details
  on Windows:
  > versionInfo
  on Unix type systems:
  # ./versionInfo.sh

and paste the version details here.

Thanks
0
 

Author Comment

by:WASAdmin25
ID: 24080645
In the Admin Console when we go to Security --> Secure administration, applications and Infrasturcture--->

at the bottom of the page we will find four options under user account repository

i.e 1. federated Repositories
     2. Local Operating System
     3. Standalone LDAP registry
     4. Standalone Custom registry

Here I have selected the fourth option i.e Standalone Custom registry and we specified the  Custom registry class name as "com._360commerce.commerceservices.security.websphere.COUserRegistry"


The version we are using here is WAS V6.1.0.17 in Windows 2003

Please let me know if you need any additional info.



0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 41

Expert Comment

by:HonorGod
ID: 24080828
So, from where did you get the

com._360commerce.commerceservices.security.websphere.COUserRegistry

code?
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24080888
FYI: The "latest" release of that version of WebSphere is 6.1.023, dated 23 March 2009.

I would encourage you to upgrade to it.

To find how:
- Browse to the WebSphere Application Server support site
  http://www.IBM.com/software/webservers/appserv/was/support/
- Click on the "Download" link the the "blue" section to the right of center
- Click on the "Recommended fixes" link
- Click on the "Version 6.1" link, which will display the "Version 6.1" table
- Scroll down to the section headed with "Other V6.1 tools and fixes", and
   locate the row with "V7.0 Update Installer"
- If your version of the UpdateInstaller program is down level, upgrade it
  first, then use it to install the 6.1.0.23 release of the AppServer product.
0
 

Author Comment

by:WASAdmin25
ID: 24080991
Thanks for your response !!!

But here as per the configuration settings we are prompted to use the version V6.1.0.17

I don't think  thats the version issue because the same application is working fine in other environments with the same WAS version.

The only reason its working is because the application is being actively used in the other environments.

So, I would like to know is there any other configuration changes to be done to the application on the Websphere side.


Please Advice !!!!


0
 

Author Comment

by:WASAdmin25
ID: 24081023
Regarding your previous question

So, from where did you get the

com._360commerce.commerceservices.security.websphere.COUserRegistry

code?


Ans: Its been developed by the Java developers and we got this registry class from the customer.
       
       It came with the application source code ..



0
 
LVL 41

Accepted Solution

by:
HonorGod earned 500 total points
ID: 24081130
The recommendation to upgrade has nothing to do with this question.
It is just that, a recommendation to upgrade.

Regarding the custom registry, you have to work with the people from whom you obtained that code.  This should have a Graphical User Interface (GUI), or Application Programming Interface (API) that allows you to manage users in the registry.

This user registry is not part of WebSphere...
0
 

Author Comment

by:WASAdmin25
ID: 24090221
I figured out the problem....

I have updated the table in the Database where the userids are stored.

I mean I have updated the column in the table with the current time stamp and restarted the App Server and the Database.

It worked !!!!

Now I am able to login to that application ....


Thanks for help....
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24091129
You are very welcome.  I'm glad that you figured it out, and also happy to hear that you were willing to share the specific details with the rest of us.

Is there anything else?
0
 

Author Comment

by:WASAdmin25
ID: 24091367
I think I don't have any questions right now....

Thanks for asking though........


0
 

Author Comment

by:WASAdmin25
ID: 24091412
issue is resolved
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24093440
Just curious, why #a24081130 wasn't the solution?

It clearly states:

This user registry is not part of WebSphere...
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24097283
Thank you for the grade & points.  You just made me the 1st WebSphere Wizard!

Good luck & have a great day
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
This article is about some of the basic and important steps to be used to improve the performance in web-sphere commerce application development. 1) Always leverage the Dyna-caching facility provided by the product 2) Remove the unwanted code …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now