UD failed to integrate LDAP due to connection issue

Hello support,

 

Our UD server is able to ping and telnet AD server port 389 & 636. Test LDAP connection failed.

But from the UD log, it always show the error:

 

[qtp997055366-1184] (LdapServices.java:44) ERROR - Fail to retrieve LDAP groups
com.hp.sw.bto.ast.security.uum.UserManagementException: Exception while searching for groups tree in LDAP
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroupsPlain(UserManagementLDAP.java:650)
at com.hp.ucmdb.ldap.LdapServices.getLdapRootGroups(LdapServices.java:39)
at com.hp.ucmdb.jmx.LdapSettingsJmxServices.testLDAPConnection(LdapSettingsJmxServices.java:201)

.......

Caused by: com.hp.sw.bto.ast.security.uum.UserManagementException: Exception caught while connecting to LDAP with the following configuration parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@470b0408
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroups(UserManagementLDAP.java:477)
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroupsPlain(UserManagementLDAP.java:648)
... 68 more
Caused by: com.hp.sw.bto.ast.security.uum.UserManagementConnectionException: Exception, while connecting to LDAP with the following configuration parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@470b0408
at com.hp.sw.bto.ast.security.uum.LDAPTools.createConnectionAndConnect(LDAPTools.java:170)
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroups(UserManagementLDAP.java:473)
... 69 more
Caused by: com.hp.sw.bto.ast.security.uum.UserManagementConnectionException: Cannot connect to host = ADservername.xxx.xxx.xx, port = 636, username = CN=ADusername,OU=A,DC=B,DC=C,DC=D
at com.hp.sw.bto.ast.security.uum.LDAPTools.ldapConnect(LDAPTools.java:194)
at com.hp.sw.bto.ast.security.uum.LDAPTools.createConnectionAndConnect(LDAPTools.java:168)
... 70 more
Caused by: netscape.ldap.LDAPException: The connection is not available (80); Unknown error
at netscape.ldap.LDAPConnection.sendRequest(LDAPConnection.java:1809)
at netscape.ldap.LDAPConnection.internalBind(LDAPConnection.java:1754)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1294)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1239)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:918)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:867)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1006)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1016)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:961)

 

we can use ldp.exe to connect AD server from UD server, even simple bind by a AD account. Please suggest how to resolve this issue?

 

Thanks

Shelly

Tags:

Parents Reply Children
  • Most enterprise users are using UD/UCMDB with LDAP. The code is fine, it's all about configuration.

    Please pay attention, that UCMDB couldn't export public certificates (as any browser do). If you are connecting over HTTPS, the certificate need to be imported manually.

    I would suggest to start from JMC console. Threre are methods to check connectivity to LDAP, and proper filtering as well.

    As a side note. When you will be done with initial settings, please do not try to put all your thousands of employees in LDAP scope. This will make your UCMDB login long as a hell. Create at tleast groups for users and admins and assign appropriate roles in UCMDB.

    Hope it helps.