
cfntauthenticate not working after moving website to new server

New Here, Feb 20, 2023

Hello.

 

I've got a website that uses cfntauthenticate to authenticate users.

It's been working great, but after moving the website to a new server it's suddenly stopped working.

When trying to authenticate, this is the error message I get:

javax.servlet.jsp.JspException: coldfusion.security.BadUserNameException: The user name or group name <username> is invalid in domain <domain>.

The error message sort of makes it seem like there's something wonky going on in the connection between the server and the domain controller, but I'm not sure.

The old and new servers are in the same domain.

Can't find anything related to this in the logs.
It's even working when I develop locally on my laptop.

I've tried to do some googling, but haven't really been able to find anything.

Anyone here got any ideas on what the issue could be?

 

(Originally we were using cfldap, but after migrating to using cfldap with starttls, we were seeing intermittent login errors (e.g. your first login would fail, but the second would be successful))

TOPICS: Security, Server administration

Community Expert, Feb 20, 2023

Compare the scenario that works with the one that doesn't, ensuring that:

  1. The username is valid.
  2. You enter the username and domain name in the same way in both scenarios.
  3. ColdFusion is running as a user with sufficient rights to authenticate other users in the domain.

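One way to run the comparison suggested in the reply above, as an added example that is not part of the thread: the same page is deployed on both servers and the log lines are compared. The form field names and the log file name ntauth-diagnostic are assumptions.

```cfml
<!--- Added diagnostic page; field and log names are assumptions, not from the thread. --->
<cfparam name="form.username" default="">
<cfparam name="form.password" default="">
<cfparam name="form.domain"   default="">

<cfif len(trim(form.username))>
    <!--- Strip control characters so user input cannot forge extra log lines. --->
    <cfset safeUser   = reReplace(form.username, "[[:cntrl:]]", "", "all")>
    <cfset safeDomain = reReplace(form.domain,   "[[:cntrl:]]", "", "all")>
    <!--- Record which host answered, so old-server and new-server lines can be told apart. --->
    <cfset hostInfo = "os=#server.os.name# #server.os.version# cf=#server.coldfusion.productversion#">

    <cftry>
        <!--- throwOnError="no": failures come back in the result struct instead of as an exception. --->
        <cfntauthenticate
            username="#form.username#"
            password="#form.password#"
            domain="#form.domain#"
            result="authResult"
            listGroups="no"
            throwOnError="no">

        <!--- status: success, UserNotInDirFailure (lookup failed) or AuthenticationFailure (bad password). --->
        <cflog file="ntauth-diagnostic" type="information"
               text="user=#safeUser# domain=#safeDomain# auth=#authResult.auth# status=#authResult.status# #hostInfo#">
        <cfset loginOk = authResult.auth>

        <cfcatch type="any">
            <!--- Anything thrown despite throwOnError="no" is logged with its type. The password is never logged. --->
            <cflog file="ntauth-diagnostic" type="error"
                   text="user=#safeUser# domain=#safeDomain# exception=#cfcatch.type# message=#cfcatch.message# #hostInfo#">
            <cfset loginOk = false>
        </cfcatch>
    </cftry>

    <!--- Same generic message for every failure, so the page does not reveal which accounts exist. --->
    <cfoutput>#loginOk ? "Login succeeded." : "Login failed."#</cfoutput>
</cfif>
```

A status of UserNotInDirFailure on one server and success on the other, for the same input, points at the directory lookup rather than at the password.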
New Here, Feb 21, 2023

  1. The username is valid - works fine on old server.
  2. Same exact form on both sites.
  3. The same account is running the ColdFusion services on both servers.

 

So I'm a bit lost 😕

Community Expert, Feb 21, 2023

Is it possible to log in manually on the problem server, using the same username and password?

New Here, Feb 21, 2023

Yeah I can RDP in to the server just fine, but the same credentials don't work with the cfntauthenticate tag (on the new server).

Community Expert, Feb 21, 2023

That suggests to me that there is something different between the two servers. Possibly a difference in either the Operating System or the ColdFusion version. So what is:

  1. The Windows version? To see this, navigate to Start > Settings > System > About. For example, on my system, I see this:
     [image: BKBK_0-1676973570316.png]
  2. What is the ColdFusion version? To see this, open the ColdFusion Administrator and click on the green (i) button in the top right-hand corner.
     [image: BKBK_1-1676974129854.png]

New Here, Feb 22, 2023

Sorry for taking a while to reply.

Regarding Windows version, it's Server 2019 vs 2022 (old/new).

So, old:

Windows Server 2019 Standard

Major  Minor  Build  Revision
-----  -----  -----  --------
10     0      17763  0

cfversion:

Version 	2021.0.02.328618 

----------------------------------------------

new:

Windows Server 2022 Standard

Major  Minor  Build  Revision
-----  -----  -----  --------
10     0      20348  0

cfversion:

Version 	2021.0.02.328618 


 

Community Expert, Feb 23, 2023

I don't expect the difference in Windows version to be a problem. However, might it just be that ColdFusion's deprecation of cfauthenticate has kicked in on the new Windows version?

New Here, Feb 23, 2023

It doesn't seem like cfNTauthenticate is deprecated?

I.e. cfNTauthenticate != cfauthenticate.

Community Expert, Feb 24, 2023

Oh, an oversight of mine. Please ignore. So, cfntauthenticate it is.

 

I have gone back, and have been experimenting with cfntauthenticate, but can't find any pointers yet.

 

What made me think of deprecation is the phrase

<username> is invalid in domain <domain>

I am assuming that "<username>" and "<domain>" actually occur in the error message. If so, then my guess is that ColdFusion might not even be connecting with Windows Server 2022. Hence the use of default (placeholder) names "domain" and "username". That would imply some kind of disconnection between ColdFusion and Windows Server 2022.

New Here, Feb 24, 2023

Ah, no, those are placeholders.

So the error is something like "thumbo is invalid in domain awesomedomain".

Community Expert, Feb 28, 2023

OK. We can then move on.

Two points:

  1. Does ColdFusion run as a user with sufficient privileges to authenticate other users in Awesomedomain?
  2. It may or may not be related to the current issue, but you should consider updating ColdFusion 2021.

New Here, Mar 02, 2023

  1. It's running as Local System, same as on the previous server. (so what seems to be the default when you install ColdFusion on Windows)
  2. I feel like it shouldn't be related, but it's worth a try I suppose.
