IMC
cancel
Showing results for 
Search instead for 
Did you mean: 

LDAP auth fail after upgrade to E0703

 
jerodrig
Occasional Contributor

LDAP auth fail after upgrade to E0703

Hello,

After upgrade to E0703, LDAP auth doesn't work anymore.

I use LDAPS to connect to my server and in the IMC web interface, I can only configure the server IP address, not its FQDN (32 characters limitation... seriously...). It worked like this since the last update. Now, I have an error : Authentication server is not available. Please contact the administrator.

In the logs, it's more explicit :

2019-06-06 10:33:07 [ERROR] [http-nio-8443-exec-15] [com.imc.plat.operator.func.LdapUtils::testConnect] Failed to connect to LDAP Server javax.naming.CommunicationException: simple bind failed: 172.29.XX.YY:636 [Root exception is javax.net.ssl.SSLHandshakeException: No subject alternative names matching IP address 172.29.XX.YY found]
 

It's a normal error, since the IP address is not present in the server certificate. Could you please remove this 32 characters limitation in the server address field ? My LDAP auth is now broken since the LDAP server of my organization doesn't support unencrypted LDAP.

Regards.

2 REPLIES 2
jguse
HPE Pro

Re: LDAP auth fail after upgrade to E0703

Hello,

Can you please open a support case for this? This sounds like a bug we need to raise with Engineering.

Many thanks in advance.

Accept or Kudo
ampersand
Occasional Visitor

Re: LDAP auth fail after upgrade to E0703

I had a similar issue with this last upgrade. I have always had the IP address configured and not the FQDN. After the upgrade I received an error like the one posted. I was lucky in the fact that my FQDN was not 32 characters so I was able to switch to it and move forward. Something definitely changed and needs to be fixed.