Console login impossible after LDAP change?

Hello everyone,

We’re currently onboarding a new BigFix environment, but I stumbled over a weird issue:

We added an AD directory in the BigFix console, to allow users to use their AD credentials when logging in to WebReports.

As for the console, we only have one operator (the one created during installation, BFAdmin).

The password for the AD bind user was changed now, for some unrelated reason. Naturally, users can no longer login using their AD credentials - this is expected.

But now I cannot login at the console using the local BFAdmin operator. It just says “Incorrect username or password”.

I can, however, still use BFAdmin to logon to the WebReports.

What could be going on here? This seems very strange, and I wouldn’t even know which logs to check. Maybe you guys have an idea?

Local accounts in console are NOT the same as local accounts in web reports

So make sure you use the correct account in console (if it has a different password or different username from the WR one). If you truly do not know what it is, you can have it reset - I was in a position like that a few years ago, and Support provided me an encrypted password which I plugged into my local account via SQL query (and of course, Support gave me what the equivalent plain text password was). Once in the console you would be able to reset its password again and fix the LDAP issue (update the LDAP credential).

1 Like

Thank you for the helpful response! That is good to know, especially about the local accounts for WebReports and the Console being different entities.

I just figured out what was going on, and indeed it is a bit strange: the remote Db2 login had a password change, and BigFix was not able to access the Db2 databases anymore. Instead of giving this error, I got the “wrong password” popup with the console, and I could still login at WebReports (maybe caching?)

Just after restarting the BES root server, I got a db connection error when trying to login to the console and WebReports.

I changed the database password using BESAdmin and now it works again.