[ngw] AD account oddity

Joe Brugaletta JBrugaletta at braytonlaw.com
Fri May 5 21:09:34 UTC 2017

Since changing to LDAP and AD, *very* randomly users can't get into their gw accounts. Has anyone seen similar behavior?  Gw14.2.2

I got two phone calls back to back today.. users are able to login to computer/ad/edir without issue, but gw wouldn't let them in. So I reset their passwords in AD using Users & Computers MMC (same password as before).. still didn't work, so then went into GWAC and hit "Synchronize".. a few attempts later they were able to get in. Below log from PO shows failed attempt, and then successful after reset/sync

13:31:41 397A LDAP Error: 49  (JDOE)
13:31:41 397A LDAP Error: Invalid credentials CN= CN=John Doe,OU=Case Clerks,OU=Law,DC=braytonlaw,DC=com Extended Error=80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 52e, v2580 (JDOE)
13:31:41 397A Error: Invalid password [D019] User:JDOE  (JDOE)
13:32:04 393A ADM: Completed: Update object in post office -  User ASBDOM.sfpo.JDOE (Administrator: gwadmin.LAWSYS, Domain: ASBDOM)
13:32:07 397A C/S Login Windows  Net Id=JDOE.Sf.ASB ::GW Id=JDOE ::
13:32:08 397A Processing update: environment settings record (JDOE)
13:32:08 397A Processing update: environment settings record (JDOE)

NOTICE: This email and all attachments are CONFIDENTIAL and intended SOLELY for the recipients as identified in the "To", "Cc" and "Bcc" lines of this email.  If you are not an intended recipient, your receipt of this email and its attachments is the result of an inadvertent disclosure or unauthorized transmittal.  Sender reserves and asserts all rights to confidentiality, including all privileges that may apply.  Pursuant to those rights and privileges, immediately DELETE and DESTROY all copies of the email and its attachments, in whatever form, and immediately NOTIFY the sender of your receipt of this email.  DO NOT review, copy, forward or rely on the email and its attachments in any way.
NOTICE: NO DUTIES ARE ASSUMED, INTENDED OR CREATED BY THIS COMMUNICATION.  If you have not executed a fee contract or an engagement letter, this firm does NOT represent you as your attorney.  You are encouraged to retain counsel of your choice if you desire to do so.  All rights of the sender for violations of the confidentiality and privileges applicable to this email and any attachments are expressly reserved.

More information about the ngw mailing list