Active Directory connection stops within a minute of saving the ICDx configuration
Last Updated May 15, 2019
Active Directory (AD) connection stops within a minute of saving the ICDx configuration
ICDx installer version 1.2.0
An error similar to the following appears at the Linux CLI as output from the ICDx installer or appears in the installation log: 2019-05-15 17:59:25,984 [main] ERROR c.s.p.identity.ldap.LdapIdentityProvider - Failed startup connection to LDAP server [ldaps://hostname.domain.tld:636] using Bind User [email@example.com] err=[simple bind failed: hostname.domain.tld:636]
Within the target AD server, the Authentication Log does not appear to have an Audit Failure event containing the username used for the binding credentials in the ICDx Active Directory configuration.
Symantec is investigating at this time.
To eliminate the possibility of a simple networking issue
At the Linux CLI of the ICDx machine, type: ssh 10.0.0.10 -p 636
...where 10.0.0.10 is the IP address of the AD Server and 636 is the port listening for LDAPS bind requests.
If the connection is immediately rejected, troubleshoot intervening network connectivity based on whatever error appears
If the ssh command appears to pause without returning to the command prompt, then the basic SSL connectivity to the IP and port works. In this scenario, ICDx may need to import the certificate used by the LDAPS service on the AD server.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe