This article discusses how to troubleshoot LDAP over CA EEM connection problems.
Projects usually bring many challenges, and some of the biggest fights come down to a knowledge gap. Simple procedures help, so I have tried to write them down here: how to debug, how to do discovery, and how to get something done with little or no information. Our most common problems are account problems or connectivity problems, so along those lines we need to check:
- Server connectivity
- Server available
- Service available
- Account problems
- Service account expired or locked out
- User changes: mistakes in a user's entry in the LDAP server record are common
Do you know your server's IP address? The server name is probably your domain, something like <domain>.com, for example ca.com.
To troubleshoot LDAPS connection problems, follow these steps.
1. LDAP is a protocol.
LDAP normally runs over TCP, but Microsoft also uses LDAP over UDP.
2. Connectivity test - Does the server exist?
Which server is your LDAP server?
Try to ping it.
3. Connectivity test - Can I close the connection?
If your LDAP server uses TCP, you can test the connection with telnet:
telnet <server> 389
4. Connectivity test - Verify the Server Authentication certificate
You can use JXplorer (jxplorer-3.3.02-windows-installer.exe - Mirror). The connectivity test helps us discover the real problem quickly.
5. What is your base DN? Finding the base DN
- The common name (CN) in the Subject field
6. Configuring CA SDM to use LDAP Authentication
Just follow the CA Service Desk documentation.
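
The connectivity checks in steps 2 to 4 as a script, added here as an example that is not part of the original article: `probe_tcp` separates a name that does not resolve, a server that is down or filtered, and a server with no service on the port, and `probe_ldaps_cert` performs a verified TLS handshake and returns the certificate's subject CN. The function names, the status strings, the use of port 636 for LDAPS and the host `ldap.example.com` are assumptions of this example.

```python
import socket
import ssl


def probe_tcp(host, port=389, timeout=3.0):
    """Scripted `telnet <server> 389`: classify the TCP connection attempt."""
    try:
        info = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "dns_failure"      # name does not resolve: wrong server name or DNS
    family, socktype, proto, _, sockaddr = info[0]
    sock = socket.socket(family, socktype, proto)
    sock.settimeout(timeout)
    try:
        sock.connect(sockaddr)
        return "open"             # server reachable and a service is listening
    except ConnectionRefusedError:
        return "refused"          # server reachable, no service on this port
    except OSError:
        return "unreachable"      # timeout or no route: server down or filtered
    finally:
        sock.close()


def probe_ldaps_cert(host, port=636, timeout=3.0):
    """TLS handshake with chain and hostname verification against system CAs."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                subject = dict(rdn[0] for rdn in tls.getpeercert()["subject"])
                return "trusted", subject.get("commonName")
    except ssl.SSLCertVerificationError as exc:
        return "cert_rejected", exc.verify_message   # e.g. untrusted or expired
    except OSError as exc:
        return "connect_failed", str(exc)


if __name__ == "__main__":
    server = "ldap.example.com"   # placeholder, replace with your LDAP server
    print("389/tcp:", probe_tcp(server))
    print("636/tls:", probe_ldaps_cert(server))
```

A `cert_rejected` result against a directory whose certificate was issued by an internal CA usually means that CA is missing from the trust store of the machine running the check.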