Hello,
when i want to login to crowd i get now an error invalid login. The last sucessful login was before some weeks and today i get unexpectedly this error.
The used username(with adminrights) is located in crowd internal directory and is present in db-table cwd_user and active='T'. Also (crypted) credentials are stored.
The logfile in ApplicationData\Crowd\logs\atlassian-crowd.log gives me no further information about the login-failure.
Version is Crowd 3.1.2
With a second internal account its the same.
What can i do?
Thanks in advance
Lars
The story goes on....
A few days later the error 'invalid login' came again. Ok, a step forward could help and so i installed crowd version 3.2.1 and the new Java version.
After that, the problem was solved (on 8. May), login and syncing were again possible.
And now, 3 weeks later the same problem again :-\
Invalid Login and no sync with Azure Active Directory. A reinstall (with the same ApplicationData-Directory) was not successful.
In Logfiles are in
-..\apache-tomcat\logs\catalina.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stderr.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stdout.2018-05-30.log -> 2 Errors:
2018-05-30 11:24:37,732 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement
2018-05-30 11:51:40,940 Caesium-2-1 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 622593 ].
Have you an idea, what is to do?
System is:
Crowd 3.2.1
MS Windows 2016 Server Datacenter in Azure VM
Azure SQL DB
Java jdk and jre 1.8.0_172
The story goes on....
A few days later the error 'invalid login' came again. Ok, a step forward could help and so i installed crowd version 3.2.1 and the new Java version.
After that, the problem was solved (on 8. May), login and syncing were again possible.
And now, 3 weeks later the same problem again :-\
Invalid Login and no sync with Azure Active Directory. A reinstall (with the same ApplicationData-Directory) was not successful.
In Logfiles are in
-..\apache-tomcat\logs\catalina.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stderr.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stdout.2018-05-30.log -> 2 Errors:
2018-05-30 11:24:37,732 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement
2018-05-30 11:51:40,940 Caesium-2-1 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 622593 ].
Have you a idea, what is to do?
System is:
Crowd 3.2.1
MS Windows 2016 Server Datacenter in Azure VM
Azure SQL DB
Java jdk and jre 1.8.0_172
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Please follow Atlassian's documentation to restore your admin password: https://confluence.atlassian.com/crowdkb/restoring-passwords-to-recover-admin-user-rights-283642653.html
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you Bruno Vincent for your help.
I(or a colleague) had no bad password attempts between last successful and today for this user.
table cwd_user_attribute
requiresPasswordChange : false
invalidPasswordAttempts : 0
But for sure: I've updated the database(MSSQL) table 'cwd_user' -> my internal user with the hash(atlassian-security) value for password 'admin' like in your documentation link. Restarted service crowd and still "invalid login" now with password 'admin'.
Then i've checked the tables / entry's listed under section 'If No Local Users Exist' and compared it with my actual entrys. Cannot found differences with the execption of id-numbers and username.
My last action before the "invalid login" event was yesterday to setup ssl/https for jira/confluence/bitbucket. But only on this 3 services, no changes in crowd. Could this be a side effect from ssl? But in my understanding has this nothing to do with each other.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You wrote you already checked the atlassian-crowd.log file. Did you also check what you get in apache-tomcat/logs/catalina.out?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok, in ..\Crowd\3.1.2\apache-tomcat\logs\catalina.2018-04-27.log(and older) was an error ...
26-Apr-2018 07:36:58.805 WARNING [main] org.apache.catalina.core.AprLifecycleListener.init The APR based Apache Tomcat Native library failed to load. The error reported was [C:\..\Atlassian\Application\Crowd\3.1.2\apache-tomcat\bin\tcnative-1.dll: Can't load IA 32-bit .dll on a AMD 64-bit platform]
Here is an workaround/solution for that: https://jira.atlassian.com/browse/CWD-4869?page=com.atlassian.jira.plugin.system.issuetabpanels%3Achangehistory-tabpanel
Like described here, i've replaced the installed 32Bit tcnative-1.dll with the 64Bit one, restarted the crowd service and now it works. Successful login is possible again! :-)
The error was from the beginning -crowd installingdate- in 02/2018 in the logfile but in the past had this no negative effect. Logins were working fine. And now, after some time was this a problem?
Another cause could be the replacing of two files in two JAVA-Dirs this week:
...\Java\jdk1.8.0_152\jre\lib\security\policy\
...\Java\jre1.8.0_152\lib\security\policy\
local_policy.jar
US_export_policy.jar
(Its JAVA Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files)
It was necessary to load SSL keypairs into the JAVA keystore for using https in JIRA/Confluence/Bitbucket. And maybe this jars and tcnative-1.dll are also used for the crowd credentials -> hash-code atlassian-security??? But its only speculation...
Thank you very much.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for letting us know about the resolution of that issue.
FYI you might want to upgrade to JDK 1.8.0_161 as unlimited cryptography is enabled by default from that version so you don't need to replace jar files anymore: http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html#JDK-8170157
You might also want to upgrade to Crowd 3.2 which bundles both 32 and 64 bit Tomcat binaries: https://confluence.atlassian.com/crowd/installing-crowd-and-crowdid-191862.html#InstallingCrowdandCrowdID-2.InstallCrowd
(Please see the paragraph titled 'Installing Crowd on Windows with 64-bit JVM')
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.