Hello,
when i want to login to crowd i get now an error invalid login. The last sucessful login was before some weeks and today i get unexpectedly this error.
The used username(with adminrights) is located in crowd internal directory and is present in db-table cwd_user and active='T'. Also (crypted) credentials are stored.
The logfile in ApplicationData\Crowd\logs\atlassian-crowd.log gives me no further information about the login-failure.
Version is Crowd 3.1.2
With a second internal account its the same.
What can i do?
Thanks in advance
Lars
The story goes on....
A few days later the error 'invalid login' came again. Ok, a step forward could help and so i installed crowd version 3.2.1 and the new Java version.
After that, the problem was solved (on 8. May), login and syncing were again possible.
And now, 3 weeks later the same problem again :-\
Invalid Login and no sync with Azure Active Directory. A reinstall (with the same ApplicationData-Directory) was not successful.
In Logfiles are in
-..\apache-tomcat\logs\catalina.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stderr.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stdout.2018-05-30.log -> 2 Errors:
2018-05-30 11:24:37,732 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement
2018-05-30 11:51:40,940 Caesium-2-1 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 622593 ].
Have you an idea, what is to do?
System is:
Crowd 3.2.1
MS Windows 2016 Server Datacenter in Azure VM
Azure SQL DB
Java jdk and jre 1.8.0_172
The story goes on....
A few days later the error 'invalid login' came again. Ok, a step forward could help and so i installed crowd version 3.2.1 and the new Java version.
After that, the problem was solved (on 8. May), login and syncing were again possible.
And now, 3 weeks later the same problem again :-\
Invalid Login and no sync with Azure Active Directory. A reinstall (with the same ApplicationData-Directory) was not successful.
In Logfiles are in
-..\apache-tomcat\logs\catalina.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stderr.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stdout.2018-05-30.log -> 2 Errors:
2018-05-30 11:24:37,732 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement
2018-05-30 11:51:40,940 Caesium-2-1 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 622593 ].
Have you a idea, what is to do?
System is:
Crowd 3.2.1
MS Windows 2016 Server Datacenter in Azure VM
Azure SQL DB
Java jdk and jre 1.8.0_172
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Please follow Atlassian's documentation to restore your admin password: https://confluence.atlassian.com/crowdkb/restoring-passwords-to-recover-admin-user-rights-283642653.html
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you Bruno Vincent for your help.
I(or a colleague) had no bad password attempts between last successful and today for this user.
table cwd_user_attribute
requiresPasswordChange : false
invalidPasswordAttempts : 0
But for sure: I've updated the database(MSSQL) table 'cwd_user' -> my internal user with the hash(atlassian-security) value for password 'admin' like in your documentation link. Restarted service crowd and still "invalid login" now with password 'admin'.
Then i've checked the tables / entry's listed under section 'If No Local Users Exist' and compared it with my actual entrys. Cannot found differences with the execption of id-numbers and username.
My last action before the "invalid login" event was yesterday to setup ssl/https for jira/confluence/bitbucket. But only on this 3 services, no changes in crowd. Could this be a side effect from ssl? But in my understanding has this nothing to do with each other.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You wrote you already checked the atlassian-crowd.log file. Did you also check what you get in apache-tomcat/logs/catalina.out?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok, in ..\Crowd\3.1.2\apache-tomcat\logs\catalina.2018-04-27.log(and older) was an error ...
26-Apr-2018 07:36:58.805 WARNING [main] org.apache.catalina.core.AprLifecycleListener.init The APR based Apache Tomcat Native library failed to load. The error reported was [C:\..\Atlassian\Application\Crowd\3.1.2\apache-tomcat\bin\tcnative-1.dll: Can't load IA 32-bit .dll on a AMD 64-bit platform]
Here is an workaround/solution for that: https://jira.atlassian.com/browse/CWD-4869?page=com.atlassian.jira.plugin.system.issuetabpanels%3Achangehistory-tabpanel
Like described here, i've replaced the installed 32Bit tcnative-1.dll with the 64Bit one, restarted the crowd service and now it works. Successful login is possible again! :-)
The error was from the beginning -crowd installingdate- in 02/2018 in the logfile but in the past had this no negative effect. Logins were working fine. And now, after some time was this a problem?
Another cause could be the replacing of two files in two JAVA-Dirs this week:
...\Java\jdk1.8.0_152\jre\lib\security\policy\
...\Java\jre1.8.0_152\lib\security\policy\
local_policy.jar
US_export_policy.jar
(Its JAVA Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files)
It was necessary to load SSL keypairs into the JAVA keystore for using https in JIRA/Confluence/Bitbucket. And maybe this jars and tcnative-1.dll are also used for the crowd credentials -> hash-code atlassian-security??? But its only speculation...
Thank you very much.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for letting us know about the resolution of that issue.
FYI you might want to upgrade to JDK 1.8.0_161 as unlimited cryptography is enabled by default from that version so you don't need to replace jar files anymore: http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html#JDK-8170157
You might also want to upgrade to Crowd 3.2 which bundles both 32 and 64 bit Tomcat binaries: https://confluence.atlassian.com/crowd/installing-crowd-and-crowdid-191862.html#InstallingCrowdandCrowdID-2.InstallCrowd
(Please see the paragraph titled 'Installing Crowd on Windows with 64-bit JVM')
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.