Jump to content


User authentication issue


  • Please log in to reply
6 replies to this topic

#1 JPascalTPE

JPascalTPE

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 25 August 2016 - 01:19 PM

Hello,

I am pretty new to Perforce server administration, and on our server we are running into a user authentication problem.

The server is running on Ubuntu 14.04. It's a P4D/LINUX26X86_64/2015.1/1240625 (2015/09/29).

It's been running just fine for 6 months, but now, users are getting disconnected several times a day, when re-logging in, they sometimes have to enter their username + password 3 or 4 times.

I modified the server's security level to 2, but it's still the same.

In the server's log I have the following error messages:

Perforce server info:
2016/08/22 18:15:10 pid 25219 eilir@eilir 192.168.1.138 [P4V/NTX64/2015.2/1312139/v79] 'user-client -o eilir'
--- failed authentication check

Perforce server info:
2016/08/22 19:00:09 pid 28129 eddie@_____CLIENT_UNSET_____ 192.168.1.134 [P4V/NTX64/2015.1/1233444/v78] 'user-protects -m'
--- failed authentication check

Perforce server info:
2016/08/22 19:00:22 pid 28145 eddie@_____CLIENT_UNSET_____ 192.168.1.134 [P4V/NTX64/2015.1/1233444/v78] 'user-protects -m'
--- failed authentication check

Perforce server info:
2016/08/23 10:57:29 pid 15120 richard@richard 192.168.1.146 [P4V/NTX64/2015.1/1233444/v78] 'user-protects -m'
--- failed authentication check


What happened just before this issue appeared:
- we did a full server backup using Bareos (Bacula)
- the superuser "perforce" was deleted, but recreated since, as a superuser (p4 protect)

Does any one has a hint to share as to what is going wrong?

Many thanks in advance for any help you can provide!

Cheers,

JP.

#2 P4Sam

P4Sam

    Advanced Member

  • Members
  • PipPipPip
  • 484 posts
  • LocationSan Francisco, CA

Posted 25 August 2016 - 05:32 PM

Are you using external authentication, or Perforce's native authentication?  (If you're not sure, run "p4 triggers -o" and "p4 ldaps".)

#3 JPascalTPE

JPascalTPE

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 25 August 2016 - 10:56 PM

We are using Perforce native authentication.

#4 P4Sam

P4Sam

    Advanced Member

  • Members
  • PipPipPip
  • 484 posts
  • LocationSan Francisco, CA

Posted 26 August 2016 - 12:23 AM

When you say "disconnected" do you mean that the users are getting the "login expired" message (that's what that "authentication check" error would correspond to), or are they getting network connection errors, or some other error message entirely?  If their login tickets are expiring, what's the Timeout value set to for the groups these users are in?

When they need to enter their password multiple times, are they getting the message "password invalid" or some other error?

#5 JPascalTPE

JPascalTPE

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 26 August 2016 - 03:25 AM

Hi Sam,

Thanks a lot for your kind help, I really appreciate it.

I don't think it's a network connection issue. I think it's more a ticket expiring thing. We did not set any timeout value, so I assume it's the default 12hrs one.

To be able to login again, they have to rename or delete their C:\Documents and Settings\<username>\p4tickets.txt file.

Then, when they enter their password multiple times, they get "A password is required for this user. Missing or invalid password.".

I asked one of the user to try "p4 login -s", and he got "Unicode clients require a unicode enabled server."

   => That particular user set his Perforce client to UTF8, not sure about the others.

I also moved the server to security level 2 instead of 3, hoping it would not use tickets anymore, but they still have this connection issue.

Should I convert the server to UTF8?

#6 JPascalTPE

JPascalTPE

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 26 August 2016 - 06:14 AM

I set the Perforce server's security level to 0, and when I p4 login -s, it says that my ticket is valid for a certain time. Is that normal? I understood that at levels 0, 1 and 2, tickets are not used?

#7 JPascalTPE

JPascalTPE

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 27 August 2016 - 03:25 AM

Hi Sam,

I think I found why we had this issue.

Our server had 2 DNS entries (perforce.company.com and perforce.company.local), so in the p4tickets.txt file, there were 2 entries - one for each host name, which apparently did not suit the client/server relationship.

Once I kept only one DNS record (only one host name), the ticket is clean, and users only have to enter their credentials once.

I'm touching some wood right now, but i think we're all good!

Cheers, thanks a lot for your kind help!

JP.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users