5 Replies Latest reply on Feb 21, 2012 10:00 PM by Monoj Padhy

    Bladelogic agent error login not allowed


      We are getting error login not allowed for servers when we are trying to access server via BL Console. But agentinfo is running fine. We checked the admin user to which agent in mapped is not locked out and Bladelogic RDCS user is also not locked out.

        • 1. Re: Bladelogic agent error login not allowed

          What do you see in the rscd.log on the targets?

          • 2. Re: Bladelogic agent error login not allowed

            Is it a domain controller ?

            if not find the following which can be helpful

            check for "Log on as batch job" and/or "Don't expire password" in your local or domain policy.


            "Login not allowed for user"

            There are several reasons why this error may occur. The most common problem can happen when the ACLs on the remote host are mapping to a user that does not exist on the remote host. This often happens when the administrator account has been renamed on the remote host or is named differently from a standard defined in your environment.

            In some cases this error may arise when you have incorrectly installed an agent onto a domain controller in your environment. Check your domain to see if you have a duplicate BladeLogicRSCD account.

            Another cause of this issue is when your policy contains incompatible entries for "Log on as batch job" and/or "Don't expire password". If these two entries do not have a value for BladeLogicRSCD and are getting propagated across your environment, they will interfere with the BladeLogic agent, causing the "Login not allowed for user" message. Refer to the documentation for information about installing an agent to a Domain Controller.

            • 3. Re: Bladelogic agent error login not allowed

              In my environment when I see this error, one of the ways to resolve this is to copy the "users" file from a similar server that is responding where the Admin account is the same. then reverify the host.


              Before doing that, you need to validate that your admin account has Admin privileges and r/w on the root drive.and that the admin account is the same on the host, in the users.local file and in your BL console.

              • 4. Re: Bladelogic agent error login not allowed
                Bill Robinson

                What role are you trying to access the agent from?  is there a mapping entry in the rsc files for this role?

                • 5. Re: Bladelogic agent error login not allowed
                  Monoj Padhy

                  Hi Piyush,


                  This seems to be an mapping issue. The role with which you are tring to access the server is not mapped to the administrator user of the target server.


                  I will say check the agent acl tab of the role and check to which user is it mapped to and whether that user have access to the root directory of the server,


                  If not map to a user who has the access to the root directory and push agent acl to that server you are trying to access.

                  I have tried this and is working fine in my environment .


                  NOTE: I will suggest to have test of the above before appling in the production server.