Central User Mamagement IS - ldap connection problem from IS 8.2

Hi,
I have environment:
IS: 8.2.2. IS_8.2_SP2_Core_Fix7
MWS: 8.2.1.0.416 MWS_8.2_SP1_Fix11

I configure Directory Service (ADSI) in MWS - service succesful connect to Active Directory (find users from Active Directory)
When I starting IS there is problem with ldap connection:
server.log:

[CommonLib.MWS.0002T] *** ResultSet log end ***
Unable to Connect to 0 ldap://..:389 as CN=,OU=,OU=Accounts,DC=,DC=,DC=netscape.ldap.LDAPException: failed to connect to server ldap://:389 (91)
at netscape.ldap.LDAPConnSetupMgr.connectServer(LDAPConnSetupMgr.java:515)
at netscape.ldap.LDAPConnSetupMgr.openSerial(LDAPConnSetupMgr.java:435)
at netscape.ldap.LDAPConnSetupMgr.connect(LDAPConnSetupMgr.java:274)
at netscape.ldap.LDAPConnSetupMgr.access$000(LDAPConnSetupMgr.java:44)
at netscape.ldap.LDAPConnSetupMgr$1.run(LDAPConnSetupMgr.java:208)
at java.lang.Thread.run(Thread.java:662)
2013-02-28 08:53:16 CET [CommonLib.MWS.0002I] No registered exception delegate
2013-02-28 08:53:16 CET [ISS.0024.0010C] Central User Manager initialization failed with error : [POP.012.0007.wm_xt_ldapdirsvc] Unable to create ldap connection ([POP.012.0007.wm_xt_ldapdirsvc] Unable to create ldap connection (failed to connect to server ldap://
:389))
2013-02-28 08:53:16 CET [WmAuditingSC.queue.2010D] Attempting to insert event onto queue ‘Error Queue’
2013-02-28 08:53:16 CET [ISS.0048.9999D] [POP.012.0007.wm_xt_ldapdirsvc] Unable to create ldap connection ([POP.012.0007.wm_xt_ldapdirsvc] Unable to create ldap connection (failed to connect to server ldap://*:389))
2013-02-28 08:53:16 CET [ISS.0024.0001E] Could not initialize User Manager.

After IS start in Security->User Management->Central User Management tab there is information:
Central User Management Configured

When I try find in ACL tab roles from ‘Central provider’ after several attempts my Directory Service account locked in Active Directory (ldap error 775).
It look likes problem with bad password but before connection from MWS is OK…

Do you have any idea?
Thanks.

Hi,
I used tcpdump in IS - authentication query to LDAP is with AES encrypted password…

I don’t know why IS don’t decrypt it before query.

Any suggestion?
Thanks.

Hi poshbilly,
Did you check the principal user/pwd for connecting to ldap server? If it is not principal user then you won’t be able to login to ldap server.

Regards,
Vikas

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.