Solved

UserID locked or expired for the application on Websphere

Posted on 2009-04-03
21
863 Views
Last Modified: 2013-12-11
Hi,

I have installed an application on Websphere Application Server v6.1. I have enabled the global security and the application security through Admin console  and we are using the Standalone Custom registry.

After 2 months when I try to access the application I am getting an error like

"Your password has expired or you have exceeded the number of login attempts allowed by your administrator.
Your password must be reset. Inform your supervisor. "

Now I am able to access the websphere admin console with the same userID and password but its not working for the application.

I have checked in the DB2 database too where the userids stores for that application, but I coudn't find the parameter called active or inactive for that userid.

Can anyone please help me how I can reset the password for the application installed on websphere.

Thanks,
WASAdmin
0
Comment
Question by:WASAdmin25
  • 12
  • 9
21 Comments
 
LVL 41

Expert Comment

by:HonorGod
ID: 24067123
That sounds like it would be some password validation within the application, not in WebSphere.

Could you uninstall, and reinstall the application?

That might let you set up the userid and password for the application.
0
 

Author Comment

by:WASAdmin25
ID: 24077020
Yes, I can reinstall the application. But thats the last option I will prefer.

Is there any other way we can unlock the password for the application???
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079408
Let me try and find out...  I'll get back to you shortly.
0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 
LVL 41

Expert Comment

by:HonorGod
ID: 24079420
Can you use the administration console to make configuration changes?
0
 

Author Comment

by:WASAdmin25
ID: 24079523
Yes, I can use the Amin Console for any config changes.

I tried to disable the global security and the application security from the Admin Console and restarted the Dmgr, Node and the App server.

But, still when I try to access the application I am getting an exception like I mentioned earlier

"Your password has expired or you have exceeded the number of login attempts allowed by your administrator.
Your password must be reset. Inform your supervisor. "

is there anything I can make changes to the configuration in websphere???
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079708
That's what I'm trying to check
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24079997
ok, it sounds like your LDAP server has some expiry date for the particular user in question.

There is a tool/utility that is attached to this IBM WebSphere technote called LDAPsearch.  Here is a technote that explains how to use the tool to diagnose these kinds of issues:

http://www.IBM.com/support/docview.wss?rs=180&uid=swg21113384

It can be used to verify, what is happening for a specific userid / password combination on the LDAP server.

I'm guessing that the userid has "expired", as far as the LDAP server is concerned, so when attempts are made to authenticate this user, the LDAP server is returning an indication of the situation, and WebSphere is causing the message seen above to be displayed.
0
 

Author Comment

by:WASAdmin25
ID: 24080146
Actually we are not using LDAP registry here but we are using Standalone Custom registry.

Any idea how to deal with Standalone Custom registry???
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24080357
What kind of "Custom" registry?

And, most importantly, (exactly) what version of WebSphere is being used?

To determine this:
- open a command prompt
- "cd" to the <WAS_HOME>\bin directory
  e.g., cd C:\IBM\WebSphere\AppServer\bin
- Use the versionInfo command script to display the product version details
  on Windows:
  > versionInfo
  on Unix type systems:
  # ./versionInfo.sh

and paste the version details here.

Thanks
0
 

Author Comment

by:WASAdmin25
ID: 24080645
In the Admin Console when we go to Security --> Secure administration, applications and Infrasturcture--->

at the bottom of the page we will find four options under user account repository

i.e 1. federated Repositories
     2. Local Operating System
     3. Standalone LDAP registry
     4. Standalone Custom registry

Here I have selected the fourth option i.e Standalone Custom registry and we specified the  Custom registry class name as "com._360commerce.commerceservices.security.websphere.COUserRegistry"


The version we are using here is WAS V6.1.0.17 in Windows 2003

Please let me know if you need any additional info.



0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24080828
So, from where did you get the

com._360commerce.commerceservices.security.websphere.COUserRegistry

code?
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24080888
FYI: The "latest" release of that version of WebSphere is 6.1.023, dated 23 March 2009.

I would encourage you to upgrade to it.

To find how:
- Browse to the WebSphere Application Server support site
  http://www.IBM.com/software/webservers/appserv/was/support/
- Click on the "Download" link the the "blue" section to the right of center
- Click on the "Recommended fixes" link
- Click on the "Version 6.1" link, which will display the "Version 6.1" table
- Scroll down to the section headed with "Other V6.1 tools and fixes", and
   locate the row with "V7.0 Update Installer"
- If your version of the UpdateInstaller program is down level, upgrade it
  first, then use it to install the 6.1.0.23 release of the AppServer product.
0
 

Author Comment

by:WASAdmin25
ID: 24080991
Thanks for your response !!!

But here as per the configuration settings we are prompted to use the version V6.1.0.17

I don't think  thats the version issue because the same application is working fine in other environments with the same WAS version.

The only reason its working is because the application is being actively used in the other environments.

So, I would like to know is there any other configuration changes to be done to the application on the Websphere side.


Please Advice !!!!


0
 

Author Comment

by:WASAdmin25
ID: 24081023
Regarding your previous question

So, from where did you get the

com._360commerce.commerceservices.security.websphere.COUserRegistry

code?


Ans: Its been developed by the Java developers and we got this registry class from the customer.
       
       It came with the application source code ..



0
 
LVL 41

Accepted Solution

by:
HonorGod earned 500 total points
ID: 24081130
The recommendation to upgrade has nothing to do with this question.
It is just that, a recommendation to upgrade.

Regarding the custom registry, you have to work with the people from whom you obtained that code.  This should have a Graphical User Interface (GUI), or Application Programming Interface (API) that allows you to manage users in the registry.

This user registry is not part of WebSphere...
0
 

Author Comment

by:WASAdmin25
ID: 24090221
I figured out the problem....

I have updated the table in the Database where the userids are stored.

I mean I have updated the column in the table with the current time stamp and restarted the App Server and the Database.

It worked !!!!

Now I am able to login to that application ....


Thanks for help....
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24091129
You are very welcome.  I'm glad that you figured it out, and also happy to hear that you were willing to share the specific details with the rest of us.

Is there anything else?
0
 

Author Comment

by:WASAdmin25
ID: 24091367
I think I don't have any questions right now....

Thanks for asking though........


0
 

Author Comment

by:WASAdmin25
ID: 24091412
issue is resolved
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24093440
Just curious, why #a24081130 wasn't the solution?

It clearly states:

This user registry is not part of WebSphere...
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24097283
Thank you for the grade & points.  You just made me the 1st WebSphere Wizard!

Good luck & have a great day
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

November 2009 Recently, a question came up in the DB2 forum regarding the date format in DB2 UDB for AS/400.  Apparently in UDB LUW (Linux/Unix/Windows), the date format is a system-wide setting, and is not controlled at the session level.  I'm n…
This exercise is about for the following scenario: Dmgr and One node with 2 application server. Each application server contains it owns application. Application server name as follows server1 contains app1 server2 contains app1 Prereq…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question