Authentication errors
This page lists all SAS error messages that may be generated during authentication and provides guidelines about how to solve the errors.
| Message | Suggested Action |
|---|---|
|
Static passwords have been disabled. |
Unlock the static password from the authentication methods by clicking on the manage button and reseting the password |
|
Maximum lifetime for temporary password exceeded. |
Provision a new password - Assign a new password to a user after the first one has expired |
|
Invalid password. |
Make sure that the password typed is correct for the user trying to login |
|
User's token is locked. |
Unlock token, and confirm user is using token correctly |
|
User's token is suspended. |
Unlock the token and activate it, confirm that the user is able to use the token |
|
User's token is not in an active state. |
Update token state from the authentication methods by clicking on the manage and verify that the current state is reflected |
|
Unable to authenticate user with any of their tokens. |
Verify that the user is using one of the tokens assign to him/her |
|
Next TokenCodes |
Provide the next passcode from the token |
|
SMS challenge sent to mobile device. |
Verify that the user has received the SMS challenge on their registered mobile phone number |
|
User has exceeded the SMS challenge interval. |
Ensure the user is requesting SMS challenge within the interval set in the policy |
|
User's account is disabled in LDAP. |
Make sure that the user is not disabled in LDAP and perform an active directory sync to update the user record in SAS/STA |
|
User's account is locked in LDAP. |
Make sure that the user is not locked in LDAP and perform an active directory sync to update the user record in SAS/STA |
|
User's account is expired in LDAP. |
Make sure that the user is not expired in LDAP and perform an active directory sync to update the user record in SAS/STA |
|
Generating challenges for this token type is unsupported for this agent. |
Make sur that user is providing a passcode instead of attempting a challenge. Make sure the passcode is being receive by SAS/STA |
|
State was not found in database. |
Make sure the state provided during a challenge response authentication request is correct |
|
State has expired. |
Perform a new authentication |
|
SMS challenge has expired. |
Perform a new challenge / response authentication |
|
User name does not match |
Enter exact user name as registered in the SAS console |
|
Account name does not match. |
Enter exact account name as registered in the SAS console |
|
Enter your SafeNet Authentication Service static password. |
Provide the static password as assigned in SAS Console |
|
Unable to map IP address to an account. |
Make sure the client IP is added to the authnode list of the correct Virtual Server |
|
Unknown account. |
Make sure that the account exists in SAS Console |
|
Generating challenges for time based tokens is unsupported. |
Provide token passcode instead of using challenge or switch to challenge response token |
|
Account is inactive. |
Activate the account in SAS console |
|
Invalid LDAP credentials. |
Provide the correct LDAP password |
|
Unable to process realms for this user or account. |
Make sure the user account is part of the realm |
|
Invalid OTP. The dash character is required for telephone mode OTPs. |
Provide the passcode as it appears on the passcode generated when token policy is set to telephone mde |
|
Temporary password has expired. |
Reset the temporary password |
|
Dormant account lockout. |
Activate the account in SAS console |
|
Unable to process realms. User is not an Account Manager. |
Login as an Account Manager or assign the Account Manager role to the current user |
|
Unable to process realms. Account Manager does not have permission. |
Login as an operator to process realm |
|
IP Address outside of Allowed Management IP Ranges. |
Set the range to match the operator current IP range |
|
Account is expired. |
Activate the account in SAS console |
|
Account is not yet active. |
Activate the account in SAS console |
