UCMDB and UD Practitioners Forum (Previously CMS)
Showing results for 
Search instead for 
Do you mean 

UD failed to integrate LDAP due to connection issue

Frequent Advisor

UD failed to integrate LDAP due to connection issue

[ Edited ]

Hello support,

 

Our UD server is able to ping and telnet AD server port 389 & 636. Test LDAP connection failed.

But from the UD log, it always show the error:

 

[qtp997055366-1184] (LdapServices.java:44) ERROR - Fail to retrieve LDAP groups
com.hp.sw.bto.ast.security.uum.UserManagementException: Exception while searching for groups tree in LDAP
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroupsPlain(UserManagementLDAP.java:650)
at com.hp.ucmdb.ldap.LdapServices.getLdapRootGroups(LdapServices.java:39)
at com.hp.ucmdb.jmx.LdapSettingsJmxServices.testLDAPConnection(LdapSettingsJmxServices.java:201)

.......

Caused by: com.hp.sw.bto.ast.security.uum.UserManagementException: Exception caught while connecting to LDAP with the following configuration parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@470b0408
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroups(UserManagementLDAP.java:477)
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroupsPlain(UserManagementLDAP.java:648)
... 68 more
Caused by: com.hp.sw.bto.ast.security.uum.UserManagementConnectionException: Exception, while connecting to LDAP with the following configuration parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@470b0408
at com.hp.sw.bto.ast.security.uum.LDAPTools.createConnectionAndConnect(LDAPTools.java:170)
at com.hp.sw.bto.ast.security.uum.UserManagementLDAP.findGroups(UserManagementLDAP.java:473)
... 69 more
Caused by: com.hp.sw.bto.ast.security.uum.UserManagementConnectionException: Cannot connect to host = ADservername.xxx.xxx.xx, port = 636, username = CN=ADusername,OU=A,DC=B,DC=C,DC=D
at com.hp.sw.bto.ast.security.uum.LDAPTools.ldapConnect(LDAPTools.java:194)
at com.hp.sw.bto.ast.security.uum.LDAPTools.createConnectionAndConnect(LDAPTools.java:168)
... 70 more
Caused by: netscape.ldap.LDAPException: The connection is not available (80); Unknown error
at netscape.ldap.LDAPConnection.sendRequest(LDAPConnection.java:1809)
at netscape.ldap.LDAPConnection.internalBind(LDAPConnection.java:1754)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1294)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1239)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:918)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:867)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1006)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:1016)
at netscape.ldap.LDAPConnection.connect(LDAPConnection.java:961)

 

we can use ldp.exe to connect AD server from UD server, even simple bind by a AD account. Please suggest how to resolve this issue?

 

Thanks

Shelly

4 REPLIES
Honored Contributor

Re: UD failed to integrate LDAP due to connection issue

Post all LDAP Settings you put into the UD LDAP Settings, without sensitive information for us to have a look at

As well What type of LDAP?

 

Frequent Advisor

Re: UD failed to integrate LDAP due to connection issue

Hi ,

Thanks for your reply firstly.

Attached our LDAP settings from JMX output.

ping,telnet AD port 389,636 sucessfully. Using LDAP Softerra tool to test the connection from UD server to AD server with the credential. there is no problem.

But same AD account we using for LDAP integration on HP UD with LDAPS port 636, never get any ouput from testldapconnection of jmx console.

system admin checked events on AD server, it just show the connection request from softerra not UD. UD never set up a connection to AD.

What;s wrong here? We pend on this issue a long time. still haven't found the cause.

Thanks

Shelly

Occasional Visitor

Re: UD failed to integrate LDAP due to connection issue

Even I am getting the same error:

LDAP error 80.

JSSESocketFactory fact = new JSSESocketFactory(null);
LDAPConnection ld = new LDAPConnection(fact);

ld.connect(a,b)

(till here works, below methods is where it gets error. It works only for 50% of requests)

ld.authenticate(a,b)

HPE Expert

Re: UD failed to integrate LDAP due to connection issue

Most enterprise users are using UD/UCMDB with LDAP. The code is fine, it's all about configuration.

Please pay attention, that UCMDB couldn't export public certificates (as any browser do). If you are connecting over HTTPS, the certificate need to be imported manually.

I would suggest to start from JMC console. Threre are methods to check connectivity to LDAP, and proper filtering as well.

As a side note. When you will be done with initial settings, please do not try to put all your thousands of employees in LDAP scope. This will make your UCMDB login long as a hell. Create at tleast groups for users and admins and assign appropriate roles in UCMDB.

Hope it helps. 

Regards
-Dmitry Gomel, PMP
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.
Click the Like button at the bottom to say 'Thanks'.
//Add this to "OnDomLoad" event