When logging into the TPAM appliance as an AD user, the error “Logon failure: Unknown username or bad password” will be displayed.
This can sometimes occur for one of two reasons:
1. The Domain controller listed for AD Authentications is unavailable
2. The User may have a custom “Log On To” logon workstations list configured within Active Directory where the TPAM system is not added.
To test and resolve this issue, please try the following:
1. Log into the /PARADMIN (on TPAM 2.4 and prior) or log into /ADMIN (on TPAM 2.5 and above)
2. Select “System Status/Setting” > “External Authentication” > “WinAD Config”
3. Select the configured system, and make sure that the Server Address listed is correct, and pointing to a valid domain controller
4. Also, ensure that port 389 is open between the TPAM appliance and the domain controller listed in the Server Address settings.
If the user has a custom “Log On To” logon workstations list configured, please perform the following the following:
1. Open Active Directory Users and Computers on your local system
2. Locate the user account experiencing the issue, and open the properties
3. Select the “Account” tab
4. Click the “Log On To…” button
5. In the “Logon Workstations” list, (ONLY if already enabled!) add the system “EDMZWINPAR” to the list, and click Ok.
6. Ensure replication has occurred so that this setting is replicated to all domain controllers
If neither of the above are able to help resolve user login, please contact Support by opening a Service Request, or contacting us via Chat to investigate further.