Some users can not log into JIRA. After they enter a URL, they see the windows pop up where they enter the credentials for the JIRA server. Credentials will not work and after x attempts they get message http 401. This applies to several dozen users who have the same settings as the others, which it is okay. Security policies are set globally. If the affected users try to log on station, where a log-worked, their logging are without any problems.
You say "the windows popup" - do you mean you are getting a popup from the browser, or literally a windows login popup? (If it's an application popup, then how have you done that? Jira doesn't pop up a window for login, it goes to a login screen, so Im a bit confused by that)
Ok, if you're seeing a windows login, that's probably caused by your network - your users open the browser, try to go to Jira and the network doesn't think they're logged in. So they need to enter their windows/network login into it, not Jira.
I'm afraid that's a networking problem, not Jira. Unless you're using some form of directory integration and SSO - is that the case?
Ok, then you probably need to read the AD logs to find out why their logins are failing.
But it might be worth posting the AD configuration in Jira here for us to sanity check it (it's probably fine, as you do have people who can get in, but it's still useful background for us to see while we epxlore the AD logs)
I'm afraid you need to turn the logging up on AD then.
The problem here is that your network doesn't believe your user is logged in, and then it's refusing to accept whatever they're typing in when the box pops up. This is entirely down to AD and your network, they're not even reaching Jira when this is happening.
Hmm. The last time I saw that happen, it was broken AD. Stopping Tomcat fixed it because whatever was broken started getting "not found" from Tomcat instead of the authentication stuff, so it cleared some form of cache. But it might be a cache in Tomcat for you, or something else.
It's pretty much impossible to diagnose this without tracing what is going on when a user tries to authenticate via AD, which means you need to log it in AD.
Today we have the same problem with different users, I found in ntlm-auth.log
This may be the cause?
HttpSecurityService: 192.168.3.166:62345: Authentication failed: NETLOGON failure
2014-05-05 08:50:22: Jespa license.key: SN2151120131022|0|0|1389331860|Jespa 60 Day Trial Licensing Key||||||
2014-05-05 08:50:22: Jespa code-source: /D:/jira-612/atlassian-jira/WEB-INF/lib/jespa-1.1.19.jar
2014-05-05 08:50:22: HttpSecurityService: IP: USER successfully authenticated
2014-05-05 08:50:28: java.io.IOException: Jespa license.key 25 user limit exceeded
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG