Hi Kristof DeGroote,
I guess you might have tried with what Dmytry suggested like cleaning the JCS cache and by passing JCS. As per the error, IMPS is still sending the AD requests to JCS which is failing here. Please cross check again. Here are the detailed steps to bypass JCS (IMPS can send AD requests directly to CCS(C++ Connector Server) service). It should address this issue.
Step1: By default, CCS only accepts requests from the same machine (local machine). Requests from remote machines cannot be accepted. To allow CCS to accept remote requests, follow the steps below.
1. First update "Urls" registry value under
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ComputerAssociates\slapd\im_ccs\CurrentVersion]
By default "Urls" value would be like "ldap://localhost:20402 ldaps://localhost>:20403"
Append the following line to "Urls"
ldap://<hostname >:20402 ldaps://<hostname >:20403"
NOTE: please replace hostname with actual machine name of IP address
After appending , the "Urls" value should be
"ldap://localhost:20402 ldaps://localhost>:20403 ldap://<hostname >:20402 ldaps://<hostname>:20403"
2. Restart the CCS service. ANd make sure that CCS ports(20402 and 20403) opened for remote requets(check with netstat cmd) .
Step2: Register the CCS connector server to the respective provisioning server by using Connector Xpress.
Step3: Map the Active Directory endpoints/ Active Directory Namespace to the newly added CCS connector server.
Step2 and step3 makes IMPS to send Active Directory requests to the CCS connector server directly(by passing JCS here).
Original Message:
Sent: Feb 19, 2024 09:32 AM
From: Kristof DeGroote
Subject: failed to activate connector on proxy connector server: localhost:20402; socket closed
Thanks Dmytro, Unfortunately still not working.
Even by setting the connector to use the CS, i still get the same error :
Any further help would be much appreciated.
Original Message:
Sent: Feb 18, 2024 05:51 PM
From: Dmytro Kvyatkovsky
Subject: failed to activate connector on proxy connector server: localhost:20402; socket closed
A few comments:
- Before modifying CCS configuration to allow remote access as recommended by Bogdan I'd recommend to cleanup JCS cache as per this KB article:
https://knowledge.broadcom.com/external/article?articleNumber=5156 - If cleaning JCS cache does not help you may want to add (not replace!), and it's ldap, not http:
ldap://<hostname>:20403
to the registry entry (HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\ComputerAssociates\slapd\im_ccs\CurrentVersion\Urls)
Do not add ldap://<hostname>:20402 as 20402 is a clear port, and after such change it'd be possible to make a clear connection to CCS directly from remote machines using any LDAP client. This is a security compromise.
- If previous steps do not work may also try to connect Prov Server directly to CCS by modifying its connector server framework using Connector Xpress as remote access to CCS is configured.
This will remove JCS from the provisioning components chain.
Original Message:
Sent: May 26, 2015 06:12 AM
From: BOGDAN BARBU
Subject: failed to activate connector on proxy connector server: localhost:20402; socket closed
Hi guys,
I have a issue with updating the properties of an Active Directory endpoint. No matter what settings I want to change, the update fails with error message "failed to activate connector on proxy connector server: localhost:20402; socket closed".
And I dont have any more ideas why this happens. All started after changing the connection user from a limited user to a domain administrator.
Any idea how to solve this?
Regards,
Bogdan Barbu