robert_maury Absent Member.
Absent Member.
425 views

vault network connection KO


Hello

It's the first time i use Designer on my Windows PC. The vault test
connection to my LDAP is KO.
The telnet to the LDAP port 389 is OK, but when i initiate the vault
test connection i see the java process starting on TCPview software.

javaw.exe 3424 TCP my PC 51418 LDAPserver 524 SYN_SENT

i have configured the remote LDAP port at 389 in designer but the java
process use 524 i don't understand why ?


Best regards


--
robert_maury
------------------------------------------------------------------------
robert_maury's Profile: https://forums.netiq.com/member.php?userid=9145
View this thread: https://forums.netiq.com/showthread.php?t=53436

Labels (1)
0 Likes
10 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: vault network connection KO

Designer is tool that, currently, uses NCP for communication with the
vault. A version that uses LDAP is pending and should do great things for
performance, but at least today that is not an option. The presence of
LDAP settings within Designer is mostly for documentation at this point, I
believe. The connection settings within the properties of the Identity
Vault object (big grey box in the Modeler view) are what you are after to
configure the IP/DNS and NCP port, should those ever change..


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
robert_maury Absent Member.
Absent Member.

Re: vault network connection KO


Hello,

Can i modify the request NCP port into Designer: > 1024 for example ?

Best regards


--
robert_maury
------------------------------------------------------------------------
robert_maury's Profile: https://forums.netiq.com/member.php?userid=9145
View this thread: https://forums.netiq.com/showthread.php?t=53436

0 Likes
Knowledge Partner
Knowledge Partner

Re: vault network connection KO

On Wed, 06 May 2015 13:21:08 +0000, robert maury wrote:

> Hello,
>
> Can i modify the request NCP port into Designer: > 1024 for example ?


If you have eDirectory running on a non-standard port, yes.


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.microfocus.com

Please post questions in the forums. No support provided via email.
If you find this post helpful, please click on the star below.
0 Likes
Knowledge Partner
Knowledge Partner

Re: vault network connection KO

robert maury wrote:

> Can i modify the request NCP port into Designer: > 1024 for example ?


I'm pretty sure Designer already uses high ports as it acts as client to
eDirectory, which is serving on 524. On the server side you could probably
change the port with ndsconfig get/set, but I would be surprised if that was a
good idea. What you need to allow on your firewall is

Designer: (random high ports) --> Edir server: 389, 524 and 636 (some comms are
already using LDAP right now...)
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
robert_maury Absent Member.
Absent Member.

Re: vault network connection KO


i agree with you for the eDirectory NCP port. But my problem comes to
the Designer which uses automatically the recipient port 524.
I don't know how to modify Designer.

best regards


--
robert_maury
------------------------------------------------------------------------
robert_maury's Profile: https://forums.netiq.com/member.php?userid=9145
View this thread: https://forums.netiq.com/showthread.php?t=53436

0 Likes
Knowledge Partner
Knowledge Partner

Re: vault network connection KO

robert maury wrote:

> i agree with you for the eDirectory NCP port. But my problem comes to
> the Designer which uses automatically the recipient port 524.
> I don't know how to modify Designer.


So you have Edirectory running on a custom port already, is that what you want
to say? In that case, go to the ID Vault properties and append the
:<portnumber> to the "Host" field.
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
robert_maury Absent Member.
Absent Member.

Re: vault network connection KO


Hello,
eDirectory NCP port = 1025
Designer initiate a NCP request to eDirectory. The default destination
port in this request is 524.
i have appended the : port to the Host field but Designer reject this
setup

Best regards


--
robert_maury
------------------------------------------------------------------------
robert_maury's Profile: https://forums.netiq.com/member.php?userid=9145
View this thread: https://forums.netiq.com/showthread.php?t=53436

0 Likes
Knowledge Partner
Knowledge Partner

Re: vault network connection KO

robert maury wrote:

> eDirectory NCP port = 1025
> Designer initiate a NCP request to eDirectory. The default destination
> port in this request is 524.
> i have appended the : port to the Host field but Designer reject this
> setup


Which Designer version is that? And are you using the host field in ID Vault
properties (which is where I tried it) or the one on the server object in
Designer (which does not get used for connections at all, just for
documentation).

If I use e.g. 1.2.3.4:555 as host in ID Vault properties and hit "Test
connection", I get an error, if I use 1.2.3.4:524 and hit the button again it
works, exactly as if I leave out the :524 altogether (I do not have Edir on non
standard port, so cannot test your setup).

Or does the "test connection" work, but a subsequent compare/deploy/restart
driver etc. operation fails?
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
Knowledge Partner
Knowledge Partner

Re: vault network connection KO

Lothar Haeger wrote:

> If I use e.g. 1.2.3.4:555 as host in ID Vault properties and hit "Test
> connection", I get an error, if I use 1.2.3.4:524 and hit the button again it
> works, exactly as if I leave out the :524 altogether


This works for me on both 4.5.0.2 (Win) and 4.0.2 AU5 (Linux), btw.
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
Knowledge Partner
Knowledge Partner

Re: vault network connection KO

On Wed, 06 May 2015 15:44:01 +0000, robert maury wrote:

> Hello,
> eDirectory NCP port = 1025
> Designer initiate a NCP request to eDirectory. The default destination
> port in this request is 524.
> i have appended the : port to the Host field but Designer reject this
> setup


Right click on the Vault object. Go to Properties. In the host field, you
put ipaddress:port for the vault. Works fine here, I have one on
ipaddress:1524 and no problems with it.


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.microfocus.com

Please post questions in the forums. No support provided via email.
If you find this post helpful, please click on the star below.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.