This article discusses how to troubleshoot LDAP over CA EEM connection problems.
Overview
Customarily we have many challenges on projects and some this big fights can be about a gap knowledge but we can help using simple procedures and i tried wrote it here. How to debug, how do discovery, how to do something without information or with poor information. Basically our common problems is about accounts problems our Connectivity and following this line, we need check:
- Server connectivity
- Server available
- Service available
- Account problems
- service account expired or locked out
- User changes, It is normal to occur some mistakes on user entry on ldap server record
Do you know what is your IP server, probably is your domain, something like <domain>.com example: ca.com
To troubleshoot LDAPS connection problems, follow these steps.
Troubleshooting
1. LDAP is a protocol. (more...)
Normally LDAP is a TCP protocol. But Microsoft uses LDAP also over UDP (more...)
2. Connectivity test - Server exists?
What is LDAP server?
Maybe you´ll know if is AD / OpenLDAP / ldapadmin / or others
trying to ping
ping <server>
(more...)
3. Connectivity test - Can i close the connection?
If in your LDAP case it uses TCP you can try test using telnet
telnet <server> 389
(more...)
4. Connectivity test - Verify the Server Authentication certificate
You can use JXplorer (jxplorer-3.3.02-windows-installer.exe - Mirror) Connectivity test it is help us to discovery a real problem quickly,
5. How is your BASE DN, looking for BASE DN (more...)
- The common name (CN) in the Subject field
6. Configuring CA SDM to use LDAP Authentication
just... following CA Service Desk documentation
Configuring CA SDM to Use LDAP Authentication - CA Service Management - 14.1 - CA Wiki
References
CA EEM - External Directory Configuration (CA EEM for Microsoft Active Directory) - steps, how to do
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia
https://support.microsoft.com/en-us/kb/816103
How to Use Telnet to Test SMTP Communication
https://support.microsoft.com/en-us/kb/315846
Softwares Tools - Screenshot / Searching files / Editing text files
Common Active Directory LDAP bind errors
LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 52e, v893 - Solution: User Rights
Understanding AD LDS Users and Groups
http://www.servicedeskusers.com/LDAP_Integration
Do you found your solution? Not, please help us to improve this document and left one message.