IBM Case Manager Client, IBM Content Navigator (ICN), WebSphere Application Server (WAS)

CWWIM4538E Multiple Principals Were Found

November 5, 2021

The error "Multiple principals were found for the ‘xxxxxx’ principal name" is logged in the systemout.log file. This problem happens when an LDAP user tries to log on to the IBM Case Manager or Content Navigator desktop; that is, the user ID or password is reported as not valid for the server. Here is the screenshot of the error:

[Screenshot: CWWIM4538E multiple principals were found]

Environment:

  • Case Manager 5.2.1.x / 5.3.3.x
  • Content Navigator 2.0.3.x / 3.0.x
  • Content Platform Engine 5.2.1.x / 5.5.x
  • WebSphere Application Server 7.0.0.x / 8.5.5.x / 9.0.5.x

Problem Description in System Log File:

Below is the error reported in the systemout.log file:

[11/5/21 10:48:22:834 PKT] 0000001b LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is CWWIM4538E Multiple principals were found for the ‘offr_user’ principal name.
[11/5/21 10:48:22:835 PKT] 0000001b SystemOut O CIWEB Error: [offr_user(unknown) @ 192.168.10.5] [REQUEST 17820] com.ibm.ecm.struts.actions.authentication.ContainerLogonAction.doContainerLogin() CWWIM4538E Multiple principals were found for the ‘offr_user’ principal name.
[11/6/21 10:50:22:836 PKT] CIWEB Error: [offr_user(unknown) @ 192.168.10.5] [REQUEST 17820] com.ibm.ecm.struts.actions.authentication.DesktopLogonAction.executeBaseAction() Failed to authenticate desktop.
com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWWIM4538E Multiple principals were found for the ‘offr_user’ principal name.
at com.ibm.ws.wim.adapter.ldap.LdapAdapter.login(LdapAdapter.java:2760)
at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:5353)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
java.lang.reflect.Method.invoke(Method.java:600)
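
To list which logon names are hitting CWWIM4538E and from which clients, the log format shown above can be scanned directly. This Python sketch is an added example, not part of the original post or of any IBM tooling; the sample lines are constructed from the excerpt above, and the `jdoe` entry and the function name `ambiguous_logins` are hypothetical.

```python
import re

# Constructed sample modeled on the systemout.log excerpt above ('jdoe' is made up).
SAMPLE_LOG = """\
[11/5/21 10:48:22:834 PKT] 0000001b LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is CWWIM4538E Multiple principals were found for the ‘offr_user’ principal name.
[11/5/21 10:48:22:835 PKT] 0000001b SystemOut O CIWEB Error: [offr_user(unknown) @ 192.168.10.5] [REQUEST 17820] com.ibm.ecm.struts.actions.authentication.ContainerLogonAction.doContainerLogin() CWWIM4538E Multiple principals were found for the ‘offr_user’ principal name.
com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWWIM4538E Multiple principals were found for the ‘offr_user’ principal name.
[11/5/21 10:49:02:101 PKT] 0000001c SystemOut O CIWEB Error: [jdoe(unknown) @ 192.168.10.9] [REQUEST 17833] com.ibm.ecm.struts.actions.authentication.ContainerLogonAction.doContainerLogin() CWWIM4538E Multiple principals were found for the 'jdoe' principal name.
[11/5/21 10:49:10:400 PKT] 0000001c SystemOut O some unrelated message
"""

# Leading "[timestamp] threadid" of a regular log line (stack-trace lines lack it).
HEADER = re.compile(r"^\[(?P<ts>[^\]]+)\]\s+[0-9a-fA-F]{8}\s")
# The principal name may be wrapped in curly or straight quotes.
PRINCIPAL = re.compile(
    r"CWWIM4538E Multiple principals were found for the "
    r"[‘'\"](?P<name>[^’'\"]+)[’'\"] principal name")
# Navigator (CIWEB) lines carry the client address and a request id.
CLIENT = re.compile(r"CIWEB Error: \[[^\]]*@ (?P<ip>[0-9a-fA-F.:]+)\]")
REQUEST = re.compile(r"\[REQUEST (?P<req>\d+)\]")


def ambiguous_logins(log_text):
    """Map each principal name reported by CWWIM4538E to what the log says about it."""
    found = {}
    for line in log_text.splitlines():
        hit = PRINCIPAL.search(line)
        if not hit:
            continue
        header = HEADER.match(line)
        entry = found.setdefault(hit.group("name"), {
            "lines": 0, "first_seen": None, "clients": set(), "requests": set()})
        entry["lines"] += 1
        if entry["first_seen"] is None and header:
            entry["first_seen"] = header.group("ts")
        for pattern, key, group in ((CLIENT, "clients", "ip"),
                                    (REQUEST, "requests", "req")):
            match = pattern.search(line)
            if match:
                entry[key].add(match.group(group))
    return found


if __name__ == "__main__":
    for name, info in ambiguous_logins(SAMPLE_LOG).items():
        print(name, info)
```

Running the same scan after the configuration change and restart described below shows whether any logon name still produces the error.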

Solution:

Try the following steps accordingly:

  1. Log on to the WAS admin console.
  2. Go to Security > Global Security > Federated repositories > Configure.
  3. Under Repository Identifier, select your own repository.
  4. Under Additional Properties, select Federated repositories entity types to LDAP object classes mapping.
  5. Under Entity Type, select PersonAccount.
  6. For Search filter, replace the default (ObjectCategory=User) with (&(objectCategory=User)(!(CN=))).
  7. Click Apply and save the change. Below is the screenshot for reference.

[Screenshot: multiple principals were found for the principal name]

Finally, restart the WAS JVM. Then try to log on again through the ICM or ICN desktop with the same user logon name; you will see that the problem is now resolved.

For more details, please visit: https://www.ibm.com/mysupport/s/question/0D50z00005pgjYC/getting-error-when-logging-into-portaladmin-console-cwwim4538e-multiple-principals-were-found-for-the-xxx-principal-name?language=en_US
