Symantec Access Management

Tech Tip : CA Single Sign-On : Authentication fails

    Broadcom Employee
    Posted May 28, 2018 03:03 AM

    Issue:


    We're running a Policy Server, and it reports errors when trying to reach those resources:

    [1872/2320][Wed Apr 25 2018 08:23:59][SmDsLdapConnMgr.cpp:1180][ERROR][sm-Ldap-02230] Error# '81' during search: 'error: Can't contact LDAP server' Search Query = '(&(uid=myname)(objectclass=user))'
    [1872/2320][Wed Apr 25 2018 08:23:59][SmDsLdapFunctionImpl.cpp:2133][INFO][sm-Server-04380] Failing over to LDAP server 'myldapserver.mydomain.com:389' in LDAP server bank #1.
    [1872/2320][Wed Apr 25 2018 08:24:00][SmDsLdapConnMgr.cpp:1180][ERROR][sm-Ldap-02230] Error# '32' during search: 'error: No such object' Search Query = '(&(uid=myname)(objectclass=user))'
    [1872/2320][Wed Apr 25 2018 08:25:57][SmDsLdapFunctionImpl.cpp:2128][INFO][sm-Server-04390] Failing back to LDAP server 'myldapserver.mydomain.com:389' in LDAP server bank #1.

    10.36.149.31:1396 : Failing back LDAP store type #1 to server
    Error# '81' during search: 'error: Can't contact LDAP server' Search Query = '(&(uid=myname)(objectclass=user))'
    Failing over to LDAP server 'myldapserver.mydomain.com:389'
    Error# '32' during search: 'error: No such object' Search Query = '(&(uid=myname)(objectclass=user))'
    Failing back to LDAP server 'myldapserver.mydomain.com:389' in LDAP server bank #1.

     

    How can we solve them?

     

    Environment:

     

    Policy Server 12.52SP1
    User Store on CA Directory 12

     

    Resolution:

     

    Uncheck "DN substring match" on CA Directory User Store to solve this issue.

     

    KB : KB000093054
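
The following log triage script is an added example, not part of the original post or of any CA/Broadcom tooling. It parses Policy Server log lines in the format quoted above and flags a search that fails with error 81, triggers a failover, and then returns error 32 for the same query, which is the sequence reported in this post. The function names and the 60-second correlation window are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the four Policy Server log lines quoted in the post.
SAMPLE = """\
[1872/2320][Wed Apr 25 2018 08:23:59][SmDsLdapConnMgr.cpp:1180][ERROR][sm-Ldap-02230] Error# '81' during search: 'error: Can't contact LDAP server' Search Query = '(&(uid=myname)(objectclass=user))'
[1872/2320][Wed Apr 25 2018 08:23:59][SmDsLdapFunctionImpl.cpp:2133][INFO][sm-Server-04380] Failing over to LDAP server 'myldapserver.mydomain.com:389' in LDAP server bank #1.
[1872/2320][Wed Apr 25 2018 08:24:00][SmDsLdapConnMgr.cpp:1180][ERROR][sm-Ldap-02230] Error# '32' during search: 'error: No such object' Search Query = '(&(uid=myname)(objectclass=user))'
[1872/2320][Wed Apr 25 2018 08:25:57][SmDsLdapFunctionImpl.cpp:2128][INFO][sm-Server-04390] Failing back to LDAP server 'myldapserver.mydomain.com:389' in LDAP server bank #1.
"""

LINE = re.compile(r"^\[(\d+)/(\d+)\]\[([^\]]+)\]\[[^\]]+\]\[(\w+)\]\[([\w-]+)\]\s*(.*)$")
SEARCH_ERR = re.compile(r"Error# '(\d+)' during search: '(.*?)' Search Query = '(.*)'$")
FAILOVER = re.compile(r"Failing (over|back) to LDAP server '([^']+)'")

def parse(text):
    """Yield (timestamp, thread, kind, detail) for each recognised log line."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not in the bracketed log format, skip it
        ts = datetime.strptime(m.group(3), "%a %b %d %Y %H:%M:%S")
        thread, msg = (m.group(1), m.group(2)), m.group(6)
        if (e := SEARCH_ERR.search(msg)):
            yield ts, thread, "search_error", (int(e.group(1)), e.group(3))
        elif (f := FAILOVER.search(msg)):
            yield ts, thread, "fail" + f.group(1), f.group(2)

def find_failover_misses(text, window=timedelta(seconds=60)):
    """Flag queries that got LDAP error 81, a failover, then error 32."""
    pending, findings = {}, []  # thread -> [query, time of error 81, failover target]
    for ts, thread, kind, detail in parse(text):
        if kind == "search_error" and detail[0] == 81:
            pending[thread] = [detail[1], ts, None]
        elif kind == "failover" and thread in pending:
            pending[thread][2] = detail
        elif kind == "search_error" and detail[0] == 32 and thread in pending:
            query, start, target = pending.pop(thread)
            if target and query == detail[1] and ts - start <= window:
                findings.append({"query": query, "failover_to": target,
                                 "seconds": (ts - start).total_seconds()})
    return findings

if __name__ == "__main__":
    for finding in find_failover_misses(SAMPLE):
        print(finding)
```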