Getting eBweb Login Error - "I'm sorry, but I could not log you in."


	Applies To

	Product(s):	eB Information Manager
	Version(s):	15.x.x, 16.X.X
	Environment:	N/A
	Area:	Login, User Access
	Subarea:	Windows Authentication
	Original Author:	Dennis Chan, Bentley Product Advantage Team

Problem Description:

User setups eBweb to use windows authentication to login, but gets the following error - "I'm sorry, but I could not log you in."

Cause:

If the eB application server and the eB web server are on different machines, then possibly Kerberos Authentication and Impersonation are not set correctly between the two servers.

Solution:

On the web server

Go to the root folder where the eB website is deployed to.
Edit the the web.config file.
Add the following three keys under <appSettings>:
                <add key="Bentley.eB.AllowNtlm" value="false"/>
                <add key="Bentley.eB.TcpOnlyDomains" value="*"/>
                <add key="Bentley.eB.DefaultTcpEndpointIdentity" value="upn:username@domain.com"/>.

(Change "username@domain.com" to the service account that starts the eB Manager Service.)

Then on the AD

run the “Active Directory Users and Computers” mmc snap in.
Click the Delegation tab.
For both the eB application server and the eB web server, select the “Trust this computer for delegation to any service (Kerberos only)” option.

Bentley internal document:
http://ebprod.bentley.com/eBProd/Framework/Object.aspx?o=41769&t=3&i=view

Workaround:

N/A.

Created by Dennis Chan
When: Tue, Feb 27 2018 7:14 PM
Last revision by Don Bui
When: Fri, Mar 29 2019 4:04 PM
Revisions: 5
Comments: 0

Recommended