Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.





Home > Success Center > Log & Event Manager (LEM) > Unable to authenticate on LEM manager: Invalid login

Unable to authenticate on LEM manager: Invalid login

Updated January 13, 2017


After configuring SSO, the following error displays:

Unable to authenticate on manager: Invalid login

Logging in with an Active Directory (AD) account from Windows works fine. 

Logging in as adserver.local\username does not work, however, and the manager.log shows the following error:

Flex authentication failed: Authentication request not handheld


LEM 6.3


This error occurs when there is a time difference between the LEM VM and Active Directory (the LDAP server). To verify, check the watchlogs from cmc for errors related to Kerberos.


By default, all LEM deployments get their time-sync from the VM host computer.

If the host is VMware ESX(i), ESXi will get its time-sync from a local or Internet NTP server.
If the host is Hyper-V, and the Hyper-V server is a member of Active Directory, the VM host will get its time from Active Directory.
If the Hyper-V host is not a member of the domain, the host needs to get its time from an NTP server.

If time-sync from the host VM is not possible, be sure to clear the time-sync option on the VM host, and enable LEM to get its time directly from an NTP server.

To configure NTP time-sync:

  1.      Open a vSphere console (or PuTTY session on port 32022) to LEM.
  2.      Enter the "appliance" menu.
  3.      Enter the "ntpconfig" command, and follow the prompts to point to a local or Internet NTP server.




Last modified
19:54, 22 Mar 2017