Absent Member.. PPM_dynamic_use Absent Member..
Absent Member..
56 views

LDAP Simple bind failed !!

Hi All,

 

We are facing below issue when trying to connect to a new LDAP server.
The LDAP Server could not be reached.Please validate the LDAP_URL parameter in the server.conf. (KNTA-10843)
nested detail:simple bind failed: <server_name>:389

 

However when we do ldapsearch from server bash then it works. Do you have any idea as how exactly PPM performs bind to ldap server using server.conf parameters.

Really appreciate if anyone can comment.

0 Likes
4 Replies
Absent Member.. randull Absent Member..
Absent Member..

Re: LDAP Simple bind failed !!

Hi,

 

Could you please share with us what is your PPM version?

 

In order to troubleshoot this error, the following steps shall be recommended to take:

***********

1. Turn off Generic Single Sign On to allow PPM to communicate with LDAP server directly and verify if LDAPS parameters values in server.conf file are proper.

 

      a. Stop PPM instance and then delete logs.

 

      b. Open server.conf file and make the following changes:


      b1. comment out generic single sign on paramter.

      b2. change base_url and set it to be something like http://<PPM_host>:<http_port number>

      b3. enable LDAPS parameters including LDAP_URL, LDAP_SSL_PORT, LDAP_KEYSTORE and LDAP_KEYSTORE_PASSWORD

      c. Add the following line in kStart.sh file, right after the block of SYSTEM_PROPS:

 

      SYSTEM_PROPS="$SYSTEM_PROPS -Djavax.net.debug=ssl,handshake"

 

      d. Start the PPM server in debug mode using this command "kStart.sh -debug"

 

      e. Log into PPM URL as a ldap user to confirm if we can log in or we get any error.

      http://<PPM_host>:<http_port number>

 

If user can log in, it means LDAPS parameters in server.conf file are correct. If there any errors, open ppm server log file to check what errors they are and fix the errors.

***********

 

 

2. After PPM is able to communicate with LDAP server properly from STEP 1 above, then SSO can be enabled and open WB from Desktop to test WB connectivity.

 

      a. Stop PPM instance.

 

      b. Open server.conf file and make the following changes:


      b1. enable generic single sign on.

      b2. change base_url to the SSO site.

      c. Leave the debug info in the kStart.sh file and start PPM in debug mode.

 

      d. Open WB from Desktop and see if error still occurs,

 

If still getting error, then open a CPE incident to get R&D's assistance to investigate since it must be an issue with this feature in the product.

Best regards,
Randall

-- Remember to give Kudos to answers! (click the KUDOS star)
"If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
0 Likes
Absent Member.. PPM_dynamic_use Absent Member..
Absent Member..

Re: LDAP Simple bind failed !!

Hi Randall,
I tried with above ..but still getting same error. I ran kConfig.sh and provided each LDAP parameter.Modifed kStart.sh as you suggested and then kUpdatHtml.sh . Post that I ran kStart.sh -debug....
Geeting same error on interface and in the debug files , I am getting below:
The LDAP Server could not be reached.Please validate the LDAP_URL parameter in the server.conf. (KNTA-10843)
nested detail:simple bind failed: <serverURL>:389

Could you please help me further on this..Also one point that if we run ldapsearch query from server bash (putty) then it works..So the problem is how PPM generates ldapsearch query at back end and how it exaclty binds to LDAP..
Please help further..thanks for ur reply..
0 Likes
Absent Member.. PPM_dynamic_use Absent Member..
Absent Member..

Re: LDAP Simple bind failed !!

One more thing...when I run konfig command then it asks for LDAP_password. I provided only text (example test111). DO I need to provide it like #!#test111#!# OR only test111
I did it like test111 while testing..
0 Likes
Absent Member.. randull Absent Member..
Absent Member..

Re: LDAP Simple bind failed !!

Hi,

 

Could you please give me your PPM version and the ksupport?

Best regards,
Randall

-- Remember to give Kudos to answers! (click the KUDOS star)
"If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.