IDM Groupwise Driver - Logon failure: unknown user name or bad password

  • 7007278
  • 18-May-2012
  • 18-May-2012


NetIQ Identity Manager 3.6.1


Remote System Configuration, Option 2 per Groupwise Driver Documentation.
IDM 3.6.1 running on Linux Server,
Groupwise 8 running on NetWare
Windows 2003 server running Novell Client 4.9.1, and Remote Loader.

When starting the driver, unknown user name or bad password error is received in the remote loader trace.

DirXML: [05/04/12 11:25:59.28]: TRACE:  GroupWise:      javax.naming.AuthenticationException: Authentication to \\\Volume\Path failed. Logon failure: unknown user name or bad password.
    at Source)
    at javax.naming.spi.NamingManager.getInitialContext(
    at javax.naming.InitialContext.getDefaultInitCtx(
    at javax.naming.InitialContext.init(
    at javax.naming.InitialContext.<init>(
    at Source)
    at Source)
    at Source)
    at Source)
    at com.novell.nds.dirxml.remote.loader.Driver.startDriver(
    at com.novell.nds.dirxml.remote.loader.Driver.driverStart(


Verify the following configuration is in place.
1.  You have a local user (on the local windows server (NOT a domain user) and eDirectory user with the same username and password.

2.  On the Windows server for the local user account on Windows.

    *      Add the user account to the Administrators group.
    *      Deselect any options that force the account password to be changed or that cause it to expire.
    *      In Administrative Tools, access Local Security Policy > Local Policies > User Rights Assignment and add the account to the Log On as a Service policy.

3.  In eDirectory, on the NetWare server where the GroupWise domain database resides:

    *      Use the same username and password you used for the account on the driver’s server.
    *      For a NetWare server, use iManager or ConsoleOne® to give the user account Read, Write, Create, Erase, Modify, and File Scan access to the GroupWise domain directory and subdirectories.

4.  After adding the user to the Log On as a Service policy, reboot the windows server running the remote loader.


In this case, the user was a AD domain user and not a local user on the window server.