MySQL Enterprise Monitor (MEM) External Authentication With Active Directory Fails

(Doc ID 2240539.1)

Last updated on JUNE 21, 2017

Applies to:

MySQL Enterprise Monitor - Version 3.2 and later
Information in this document applies to any platform.

Symptoms

Installed MySQL Enterprise Monitor, and configured external Authentication through Active Directory (AD).

However the external authentication fails:

2016-08-18 14:01:02,815 WARN [block-task--thread-27:{df:d525f25e-70fc-4d8f-bce0-c28fda227791.1471521662808.32229}:com.mysql.etools.monitor.bo.OsNameProvider] Os {com.mysql.etools.inventory.model.os.Os : ssh:{fd:1a:39:5a:e0:ff:3a:7b:3c:2c:cb:f6:ab:53:af:5d}} has no host, using identity for name
2016-08-18 14:01:02,862 WARN [block-task--thread-5:{df:d525f25e-70fc-4d8f-bce0-c28fda227791.1471521662859.32259}:com.mysql.etools.monitor.bo.OsNameProvider] Os {com.mysql.etools.inventory.model.os.Os : ssh:{7b:f5:90:d7:9a:66:d5:90:bc:0d:69:a5:d6:b3:4b:73}} has no host, using identity for name
2016-08-18 14:01:04,496 WARN [block-task--thread-21::com.mysql.etools.monitor.bo.OsNameProvider] (repeated 3 times) Os {com.mysql.etools.inventory.model.os.Os : ssh:{d1:29:01:fb:ec:1a:88:f4:a8:ae:fe:a9:0b:b9:ca:e3}} has no host, using identity for name
2016-08-18 14:01:04,495 DEBUG [http-nio-443-exec-3::org.springframework.security.ldap.authentication.LdapAuthenticationProvider] Processing authentication request for user: user2
2016-08-18 14:01:04,496 DEBUG [http-nio-443-exec-3::org.springframework.security.ldap.search.FilterBasedLdapUserSearch] Searching for user 'leborgma2', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-08-18 14:01:04,501 DEBUG [http-nio-443-exec-3::org.springframework.security.ldap.SpringSecurityLdapTemplate] Found DN: cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt
2016-08-18 14:01:04,502 DEBUG [http-nio-443-exec-3::org.springframework.security.ldap.authentication.BindAuthenticator] Attempting to bind as cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt
2016-08-18 14:01:04,503 DEBUG [http-nio-443-exec-3::org.springframework.security.ldap.DefaultSpringSecurityContextSource] Removing pooling flag for user cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt
2016-08-18 14:01:04,518 DEBUG [http-nio-443-exec-3::org.springframework.security.ldap.authentication.BindAuthenticator] Retrieving attributes...
2016-08-18 14:01:04,560 WARN [http-nio-443-exec-3::com.mysql.security] No external roles present for user2
2016-08-18 14:01:04,561 WARN [http-nio-443-exec-3::com.mysql.etools.security.Auditor] User user2@192.168.1.52 failed login
2016-08-18 14:01:04,695 INFO [http-nio-443-exec-13::com.mysql.timing.accessLog.action] /Auth.action 48 ms
2016-08-18 14:01:05,637 DEBUG [http-nio-443-exec-2::org.springframework.security.ldap.SpringSecurityLdapTemplate] (repeated 1 times) Searching for entry under DN '', base = '', filter = '(sAMAccountName={0})'
2016-08-18 14:01:16,700 DEBUG [http-nio-443-exec-7::org.springframework.security.ldap.authentication.LdapAuthenticationProvider] Processing authentication request for user: dm-test\user2
2016-08-18 14:01:16,701 DEBUG [http-nio-443-exec-7::org.springframework.security.ldap.search.FilterBasedLdapUserSearch] Searching for user 'dm-test\user2', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-08-18 14:01:16,702 DEBUG [http-nio-443-exec-7::org.springframework.security.ldap.SpringSecurityLdapTemplate] Searching for entry under DN '', base = '', filter = '(sAMAccountName={0})'
2016-08-18 14:01:16,706 WARN [http-nio-443-exec-7::com.mysql.etools.security.Auditor] User dm-test\user2@192.168.1.52 failed login
2016-08-18 14:01:16,762 INFO [http-nio-443-exec-21::com.mysql.timing.accessLog.action] /Auth.action 40 ms

2016-08-18 14:00:33,095 WARN [block-task--thread-10:com.mysql.etools.monitor.bo.OsNameProvider] Os {com.mysql.etools.inventory.model.os.Os : ssh:{fd:1a:39:5a:e0:ff:3a:7b:3c:2c:cb:f6:ab:53:af:5d}} has no host, using identity for name
2016-08-18 14:00:33,170 WARN [block-task--thread-10:com.mysql.etools.monitor.bo.OsNameProvider] Os {com.mysql.etools.inventory.model.os.Os : ssh:{7b:f5:90:d7:9a:66:d5:90:bc:0d:69:a5:d6:b3:4b:73}} has no host, using identity for name
2016-08-18 14:00:35,415 DEBUG [http-nio-443-exec-18:org.springframework.security.ldap.authentication.LdapAuthenticationProvider] Processing authentication request for user: admin_agent
2016-08-18 14:00:35,416 DEBUG [http-nio-443-exec-18:org.springframework.security.ldap.search.FilterBasedLdapUserSearch] Searching for user 'admin_agent', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-08-18 14:00:35,417 DEBUG [http-nio-443-exec-18:org.springframework.security.ldap.SpringSecurityLdapTemplate] Searching for entry under DN '', base = '', filter = '(sAMAccountName={0})'
2016-08-18 14:00:38,248 INFO [http-nio-443-exec-7:com.mysql.timing.accessLog.action] /Auth.action 46 ms
2016-08-18 14:00:51,311 DEBUG [http-nio-443-exec-23:org.springframework.security.ldap.authentication.LdapAuthenticationProvider] Processing authentication request for user: user2
2016-08-18 14:00:51,312 DEBUG [http-nio-443-exec-23:org.springframework.security.ldap.search.FilterBasedLdapUserSearch] Searching for user 'user2', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-08-18 14:00:51,382 DEBUG [http-nio-443-exec-23:org.springframework.security.ldap.SpringSecurityLdapTemplate] Found DN: cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt
2016-08-18 14:00:51,384 DEBUG [http-nio-443-exec-23:org.springframework.security.ldap.authentication.BindAuthenticator] Attempting to bind as cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt
2016-08-18 14:00:51,385 DEBUG [http-nio-443-exec-23:org.springframework.security.ldap.DefaultSpringSecurityContextSource] Removing pooling flag for user cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt
2016-08-18 14:00:51,421 DEBUG [http-nio-443-exec-23:org.springframework.security.ldap.authentication.BindAuthenticator] Failed to bind as cn=TEST Maxence - ADMIN,ou=UTILISATEURS,ou=BDDOPEN,dc=dm-test,dc=pt: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1

2016-08-18 14:01:18,954 WARN [

block-task--thread-17:{df:d525f25e-70fc-4d8f-bce0-c28fda227791.1471521692874.35187}:com.mysql.etools.monitor.bo.OsNameProvider] Os {com.mysql.etools.inventory.model.os.Os : ssh:{d1:29:01:fb:ec:1a:88:f4:a8:ae:fe:a9:0b:b9:ca:e3}} has no host, using identity for name
2016-08-18 14:01:35,854 WARN [http-nio-443-exec-14::com.mysql.etools.security.Auditor] (repeated 29 times) User admin_agent@192.168.1.58 failed login
2016-08-18 14:01:35,854 DEBUG [http-nio-443-exec-18::org.springframework.security.ldap.authentication.LdapAuthenticationProvider] Processing authentication request for user: admin_agent
2016-08-18 14:01:35,854 DEBUG [http-nio-443-exec-18::org.springframework.security.ldap.search.FilterBasedLdapUserSearch] Searching for user 'admin_agent', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-08-18 14:01:35,857 DEBUG [http-nio-443-exec-18::org.springframework.security.ldap.SpringSecurityLdapTemplate] Searching for entry under DN '', base = '', filter = '(sAMAccountName={0})'
2016-08-18 14:01:35,860 WARN [http-nio-443-exec-18::com.mysql.etools.security.Auditor] User admin_agent@192.168.1.58 failed login
2016-08-18 14:01:38,880 WARN [http-nio-443-exec-12::com.mysql.etools.security.Auditor] User admin_agent@192.168.1.58 failed login

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms