In most cases, the reason for a user encountering this error will be due to them entering the wrong username (case matters!) and/or password. Assuming these have been ruled out, proceed to the next steps below.

Verify that the user's account is Enabled 

  • As an administrator, go into the Administration area and click on the Users link. 
  • Click on the user account in question.
  • Confirm that the Enabled field is set to Yes.

Note: If you are unable to access the interface (due to a 'Login Failed' error with your own account), you can verify whether or not the account is enabled by executing a database query like the following against your Cascade CMS database:

select isEnabled 
from cxml_user where
username = '{username}';

(making sure to replace {username} with the username in question)

A result of 0 means the account is disabled.
A result of 1 means the account is enabled

To enable a disabled account, execute the following query:

update cxml_user
set isEnabled = 1
where username = '{username}';

If the user's account is enabled but they still receive the error, continue troubleshooting by following the steps below.

Determine how the user is attempting to authenticate 

  • As an administrator, go into the Administration area and click on the Users link.
  • Click on the user account in question.
  • Check the value listed for the Authentication field. It will be 1 of the 3 types listed below:

Normal - The user's account is managed entirely within Cascade CMS (the username and password are stored locally in the Cascade CMS database). If the user's account is enabled but they still receive a 'Login Failed' message when attempting to log in, an administrator should change the user's password and then provide the user with a new password. At that point, verify that the user is able to log in using the new password provided.

LDAP - The user's account is managed in your organization's existing LDAP/Active Directory instance. To investigate further, LDAP/AD administrators will want to see if the user account in question has an expired password (in which case a new password must be provided to the user) or if the user has simply entered a bad password (in which case the user may need to be provided with a new password as they may have forgotten the current one).  

In Active Directory, for example, the status of a user account can be found in the Attribute Editor. Specifically, you can check the badPasswordTime attribute to verify whether or not the user recently entered a bad password.

Custom - The user's account is managed in your organization's SSO system (CAS, Shibboleth, etc.). Your SSO administrator will need to check for errors related to the user's account from around the time of the failed login attempt(s). 

Note: If you are unable to access the interface (due to a 'Login Failed' error with your own account), the authentication type for a user account can be determined by executing the following database query:

select authmode 
from cxml_user
where username = '{username}';

A result of 0 means the account is a Normal account.
A result of 1 means the account is an LDAP account.
A result of 2 means the account is a Custom account.

Still having trouble?

Feel free to reach out to Hannon Hill Support and our team can help you troubleshoot further.
 

Did this answer your question?