Highlighted
Absent Member.. Absent Member..
Absent Member..
1624 views

UD failed to integrate LDAP due to connection issue

Hello support,

 

Our UD server is able to ping and telnet AD server port 389 & 636. Test LDAP connection failed.

But from the UD log, it always show the error:

 

[qtp997055366-1184] (LdapServices.java:44) ERROR - Fail to retrieve LDAP groups
com.hp.sw.bto.ast.security.uum.UserManagementException: Exception while searching for groups tree in LDAP
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroupsPlain(UserManagementLDAP.java:650)
at com.hp.ucmdb.ldap.LdapServices.getLdapRootGroups(LdapServices.java:39)
at com.hp.ucmdb.jmx.LdapSettingsJmxServices.testLDAPConnection(LdapSettingsJmxServices.java:201)

.......

Caused by: com.hp.sw.bto.ast.security.uum.UserManagementException: Exception caught while connecting to LDAP with the following configuration parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@470b0408
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroups(UserManagementLDAP.java:477)
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroupsPlain(UserManagementLDAP.java:648)
... 68 more
Caused by: com.hp.sw.bto.ast.security.uum.UserManagementConnectionException: Exception, while connecting to LDAP with the following configuration parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@470b0408
at com.hp.sw.bto.ast.security.uum.LDAPTools.createConnectionAndConnect(LDAPTools.java:170)
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroups(UserManagementLDAP.java:473)
... 69 more
Caused by: com.hp.sw.bto.ast.security.uum.UserManagementConnectionException: Cannot connect to host = ADservername.xxx.xxx.xx, port = 636, username = CN=ADusername,OU=A,DC=B,DC=C,DC=D
at com.hp.sw.bto.ast.security.uum.LDAPTools.ldapConnect(LDAPTools.java:194)
at com.hp.sw.bto.ast.security.uum.LDAPTools.createConnectionAndConnect(LDAPTools.java:168)
... 70 more
Caused by: netscape.ldap.LDAPException: The connection is not available (80); Unknown error
at netscape.ldap.LDAPConnection.sendRequest(LDAPConnection.java:1809)
at netscape.ldap.LDAPConnection.internalBind(LDAPConnection.java:1754)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1294)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1239)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:918)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:867)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1006)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1016)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:961)

 

we can use ldp.exe to connect AD server from UD server, even simple bind by a AD account. Please suggest how to resolve this issue?

 

Thanks

Shelly

Tags (1)
0 Likes
4 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: UD failed to integrate LDAP due to connection issue

Post all LDAP Settings you put into the UD LDAP Settings, without sensitive information for us to have a look at

As well What type of LDAP?

 

0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: UD failed to integrate LDAP due to connection issue

Hi ,

Thanks for your reply firstly.

Attached our LDAP settings from JMX output.

ping,telnet AD port 389,636 sucessfully. Using LDAP Softerra tool to test the connection from UD server to AD server with the credential. there is no problem.

But same AD account we using for LDAP integration on HP UD with LDAPS port 636, never get any ouput from testldapconnection of jmx console.

system admin checked events on AD server, it just show the connection request from softerra not UD. UD never set up a connection to AD.

What;s wrong here? We pend on this issue a long time. still haven't found the cause.

Thanks

Shelly

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: UD failed to integrate LDAP due to connection issue

Even I am getting the same error:

LDAP error 80.

JSSESocketFactory fact = new JSSESocketFactory(null);
LDAPConnection ld = new LDAPConnection(fact);

ld.connect(a,b)

(till here works, below methods is where it gets error. It works only for 50% of requests)

ld.authenticate(a,b)

0 Likes
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: UD failed to integrate LDAP due to connection issue

Most enterprise users are using UD/UCMDB with LDAP. The code is fine, it's all about configuration.

Please pay attention, that UCMDB couldn't export public certificates (as any browser do). If you are connecting over HTTPS, the certificate need to be imported manually.

I would suggest to start from JMC console. Threre are methods to check connectivity to LDAP, and proper filtering as well.

As a side note. When you will be done with initial settings, please do not try to put all your thousands of employees in LDAP scope. This will make your UCMDB login long as a hell. Create at tleast groups for users and admins and assign appropriate roles in UCMDB.

Hope it helps. 

Regards
-Dmitry Gomel, PMP
Click the Like button at the bottom to say 'Thanks'.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.