Article ID: 114175, created on Jun 21, 2012, last review on May 6, 2014

  • Applies to:
  • Plesk 9.x for Linux/Unix
  • Virtual Automation 4.5
  • Virtual Automation 4.6


Some domain administrators cannot log in to Parallels Plesk Panel.

For example, the cannotlogin.tld domain administrator cannot log in, whereas the canlogin.tld domain administrator can log in with no issues.

What is the reason for this selective behavior?


Most probably, login to Parallels Plesk Panel (PP) is being achieved by means of Parallels Power Panel (PPP).
The sequence to check the ability to log in to PPP is this:

1) If there is a system user with the supplied name, PPP checks the password and the system user’s group ID; if the user is not a member of the group with ID 0 or the password is wrong, then the access is denied;
2) If there is no such system user, the authentication is passed through to PP as is, disabling PPP redirection for this session entirely (so that PP manages further access).

Thus, there are a few possible explanations for the above symptoms, including the following:

- There is no system user with the name canlogin.tld.
- There is a system user with the name cannotlogin.tld, and he is not a member of the group with ID 0.
In general, support for domain administrative logins in PPP is declared as unsupported (because it is not possible to check the domain-level logins on the first step).


You have at least two options to solve the issue:

-          Disable PPP for the container.
-          Rename the corresponding system users so that they do not match any domain administrator login names (domain names).

56797cefb1efc9130f7c48a7d1db0f0c a914db3fdc7a53ddcfd1b2db8f5a1b9c 29d1e90fd304f01e6420fbe60f66f838 edc5403543a5b1f8ebc08b0ce6a492fc 2897d76d56d2010f4e3a28f864d69223 319940068c5fa20655215d590b7be29b d16a8794b3bdb3f66571d469e71906a9 6ef0db7f1685482449634a455d77d3f4

Email subscription for changes to this article
Save as PDF