Kbase P101841: Errors 9173 and 9897 when connecting to AdminServer on Linux machine with non DES password encryptio
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
03/02/2011 |
|
Status: Verified
SYMPTOM(s):
Invalid username and/or password specification. (9173)
User is not authenticated. (9897)
Unable to connect from Progress Explorer to the AdminServer on Linux
The user name and password are correct
No user can connect to the AdminServer using Progress Explorer
extended authorization debug log file reads
IN validate_account root xxxxxx (null)
IN testUserPasswordForNull root xxxxxx
IN validatePassword root xxxxxx (null)
IN isGeneratedPassword = xxxxxxxx
IN validateUserPassword root xxxxxx
Calling getpwnam()
Calling getspnam()
Calling crypt()
Password validation failed
Return status of validate_account = 0
Error 9173 when connecting to AdminServer on Linux machine with non DES password encryption level
FACT(s) (Environment):
Progress 9.1X
OpenEdge 10.X
Linux Intel
CAUSE:
The OS is using Blowfish password encryption level, which Progress does not currently support
FIX:
Change the password encryption level to DES and recreate the password for the affected users (change to dummy password first and then you can set the original password back, but it must be recreated, since the encryption level has been changed) and restart the AdminServer.
The method to change the encryption level is the yast utility for e.g. SUSE Linux:
Yast -> Security and Users -> Security settings -> Custom Settings -> next -> Password Encryption Method -> DES
Note:In Red Hat Enterprise Linux Server release 5.5 (Tikanga) the encryption type is found under System -> Administration -> Authentication. The setting causing the authentication issue was SHA512. Setting it to DESCRYPT, allowed the login from the Windows machine to the Linux server without re-starting the Admin Server.