KB1023

User name or password not recognized when using Windows Authentication

Summary

When a user logs into Axiom Strategy Management with their Windows domain credentials, they may encounter the following error: "User name or password not recognized. Please check your information and try again."

Details

When Windows Authentication is enabled for Axiom Strategy Management, users log in using their Windows domain credentials. Changes to your organization's Windows Active Directory (AD) domain, or to user information in Axiom security, may cause authentication errors when users attempt to log in.

Example authentication error in the Desktop Client

Login errors may occur if there are changes to a user's password, user name, or domain. Additionally, information in Axiom security such as the user login name and/or authentication method may need to be configured to meet the requirements for Windows Authentication.

If the error occurs only when logging in using the Web Client, this may mean that Axiom Strategy Management has been placed in administrator-only mode. In this case it is a known issue that the Web Client login page displays an incorrect message when non-administrators attempt to log in. Non-administrators that attempt to log in using the Desktop Client receive the correct message, which explains that access to the system is currently restricted to administrators.

Example authentication error in the Web Client

Resolution

Depending on the conditions causing the error, the resolution may involve one or more of the following:

• Using up-to-date information that matches your Windows AD domain
• Updating Axiom Security to match changes to your Windows AD domain
• Changing system access to allow non-administrators to log in

Use current information based on Windows AD domain changes

Contact your local IT help desk to determine if there were any recent changes in your organization's Windows AD domain, and/or to confirm whether a specific user is using the correct login information.

1. Users need to use the same credentials to access Axiom Strategy Management that they use to log in to their workstation.

   • If the user's Windows password was reset, they need to sign in to Axiom with the new password.
   • If the user's Windows user name changed due to a name change, contact your local IT help desk to determine the new user name. Also, confirm that the user's login name in Axiom Strategy Management matches what IT provides. (See the next section for more information.)

2. If your organization has multiple domains, ensure that users are selecting the correct domain from the domain selection list. For help determining the correct workstation name and domain, please refer to Microsoft's support article.

   

   Example login window with domain selection list enabled

3. If your organization has added a new domain and some existing Axiom Strategy Management users have been moved to that domain, you must add the new domain name to the WindowsAuthAllowedDomains list so that those users can log in. See Domain selection list and System administration in the Web Client for more information.
4. If your organization recently renamed an existing domain, please contact Axiom Support for assistance.

Validate user configuration in Axiom Strategy Management Security

When a user logs in, Axiom Strategy Management looks for a matching user name within Axiom security and applies the specified authentication type for that user. For Windows Authentication, users must be set up as follows: 

• The user's Axiom Strategy Management login name must match their Windows login name.
• The user's Authentication method must be set to Windows User. This is the default setting for new users if Windows Authentication is enabled for your installation.

If users are imported from Active Directory, then they will automatically be created with the appropriate login name and authentication type.

If settings have changed in your Windows AD domain, you may need to make corresponding changes in Axiom Strategy Management security. In order to access Axiom security and validate user settings, you must be a system administrator, a subsystem administrator, or a user with the Administer Security permission.

1. On the Axiom tab, in the Administration group, click Manage > Security > Security Manager

   NOTE: In systems with installed products, this feature may be located on the Admin tab. In the System Management group, click Security > Security Manager.

2. In the Security Management dialog, select the user from the list.
3. In the General tab, click on the Validate that the login name is found in the active directory button to validate that the user's Axiom login name is found in your active directory. (Your Desktop Client must be able to access your organization's Active Directory for this test to succeed.)



4. A confirmation window appears when the user is found in your domain. If instead the user is not found, contact your local IT department to confirm that the login name is set to the correct Windows user name.

   

5. In the Authentication drop-down list, ensure that Windows User is selected.
6. Click OK to save the changes and close the Security Management dialog.

Change the system access restriction

If your Windows AD domain has not changed, and the user's security information is correct and up-to-date, then the error may be occurring because the system has been placed in administrator-only mode. Typically the system is placed into administrator-only mode for planned intervals on a temporary basis, such as when performing system upgrades or other maintenance. In this case, you may simply need to inform the user that they need to wait for this maintenance to be completed. Once the maintenance is complete, the system will be re-opened to all users and then they can log in without error.

For more information about enabling or disabling administrator-only mode, see Preventing users from accessing the system.

Outcome

Users will be able to authenticate to Axiom Software using their Windows AD domain credentials once they use login information that matches your Windows AD domain, Axiom security has the correct information and configuration, and system access is not restricted to administrators only.

See also

• Using Windows Authentication
• Synchronizing users with Active Directory
• Login behavior options
• Preventing users from accessing the system
• System administration in the Web Client

Article information

Category	Security
Applies To	All versions
Tags	User Name, Password, Active Directory, Windows Authentication, Domain
Issue Number(s)	17252