Simple Bind error connecting to LDAPS. LDAP/LDAPS Connection Slowness.

Article ID: 138527


Products

CA Application Performance Management Agent (APM / Wily / Introscope)

CA Application Performance Management (APM / Wily / Introscope)

INTROSCOPE

Issue/Introduction

After LDAP is configured to use SSL in realms.xml, users get a simple bind error when logging in to Workstation/Webview.

 

A simple bind error is usually due to one of the following:

1) TLS version

2) Ciphersuites used

3) Username/password issues

4) Bind account issues

5) Certificate issues.

 

Login is also slow, whether over LDAP or LDAPS. Nested group search is off.

Environment

APM 10.7, Active Directory 

Cause

Keystore/Certificate Issues

Resolution

The following resolved the issue:

1) Use the default 10.7 keystore and add the root/intermediate certificates to it. This eliminated the simple bind error.

2) Add the root/intermediate certificate to the Java keystore. This allowed successful authentication.

3) To have faster logins, point directly to the Active Directory Domain Controller. This is port 6328 (LDAP) or 6329 (LDAPS). Login went from 15 minutes to a few seconds.
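
To tell which of the five causes listed under Issue/Introduction applies, the exception text behind the simple bind error usually identifies it. The script below is an added example, not part of the original article or of APM: it matches the stock JDK (JSSE/JNDI) and Active Directory error strings against log lines. The sample lines are constructed, and it is an assumption that the APM logs surface these exceptions unchanged.

```python
import re

# Stock JSSE exception text mapped to the article's causes 1, 2 and 5.
# handshake_failure has other triggers too; a ciphersuite mismatch is the usual one.
TLS_RULES = [
    ("Certificate issues", r"PKIX path building failed|CertificateExpiredException|No subject alternative"),
    ("TLS version", r"fatal alert: protocol_version"),
    ("Ciphersuites used", r"fatal alert: handshake_failure|no cipher suites in common"),
]

# Active Directory sub-codes carried in "data NNN" of an LDAP error code 49 reply.
AD_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials (wrong password or DN)",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}
ERR49 = re.compile(r"LDAP: error code 49\b.*?\bdata ([0-9a-f]{3,4})\b", re.I)

def triage(line):
    """Return (cause, detail) for one log line, or None if no rule matches."""
    for cause, pattern in TLS_RULES:
        hit = re.search(pattern, line)
        if hit:
            return cause, hit.group(0)
    m = ERR49.search(line)
    if m:
        code = m.group(1).lower()
        # Causes 3 and 4 share this error; which one applies depends on whether
        # the failing bind was the end user's or the configured bind account's.
        detail = AD_SUBCODES.get(code, "AD sub-code " + code)
        return "Username/password or bind account issues", detail
    return None

# Constructed sample lines (not taken from a real APM log).
SAMPLE = [
    "javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed",
    "javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version",
    "javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure",
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839]",
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 775, v3839]",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(triage(entry), "<-", entry[:60])
```

A "Certificate issues" result (PKIX path building failed) is the case this article resolved by adding the root/intermediate certificates to the keystore.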