search cancel

WAMUI - Unable to contact the following LDAP directory to check its type


Article ID: 134042


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER


We're running an AdminUI and when we want to configure a group to a

Policy for Federation, then the AdminUI returns error :

  Error: Unable to contact the LDAP directory to determine if it is an

  Active Directory directory, so that it can manage the group user

  policy appropriately. Correct the problem, and then resume the

  configuration of the partnership.

How can we solve this ?


  Policy Server 12.52SP1CR05;

  AdminUI 12.52SP1CR05;


At first glance, this issue might occurs if you have configured the

LDAP User Directory with multiples instances, and if you have

configured the instances for loadbalancing.

This issue is fixed in Policy Server 12.8. And there's a work around :

You can :

  temporarily modify the User Directory connection to use "failover";

  update the partnership to add the group, and then after saving the

  partnership modify the User Directory Connection back to


What is the LDAP User Directory configuration ?

This can also be due to a timeout between the Policy Server and the

LDAP User Directory :

  Could not reach LDAP directory to determine if it's an Active

  Directory, for correct handling of Group user policy. Please correct

  the issue and then resume partnership configuration.

- Document Reference: