Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Support Pack 2 applied
NetIQ Advanced Authentication Framework
OATH authentication method used
Situation
Access Manager 3.2.2 is set up and working well. The administrator is trying to set up a NetIQ Advanced Authentication Framework (NAAF) strong authentication method. All NAAF client and server components were installed on a Win2008 R2 server where both the SmartCard and Flashdrive methods are working.
When a test user tries to log in using a One Time Password, the following error is reported in the browser after the username and token are submitted:
'The User was not found'
Testing the OTP within the NAAF user authenticator plugin for that same user returns a success message.
Resolution
Verify that the DOMAIN property of the NAAF authentication method on NAM is valid.
Cause
The DOMAIN setting contained the DNS name rather than the NetBIOS name. Logs collected with the logcollector.exe tool on the NAAF server during the failed authentication showed that NAAF was looking for the user in an invalid domain. Changing the domain to a valid domain allowed the NAAF back end to respond without errors.