PAM-CM-0271 error occurs when it tries to add the LDAP domain.
search cancel

PAM-CM-0271 error occurs when it tries to add the LDAP domain.

book

Article ID: 16174

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)

Issue/Introduction

PAM Admin attempted to add the LDAP domain but the following error occurs. What is a possible cause is?

"PAM-CM-0271: LDAP Bind fail: Invalid Credentials"

However the same LDAP Account the password has been successfully validated.

Environment

CA Privilege Access Manager 3.x and 4.x

Resolution

When validating a LDAP user's password, we attempt both the sAMAccountName and/or the Distinguished Name, if either one is successful, we validate the password. 

However when importing the LDAP Domain in PAM UI > Configuration > 3rd Pary > LDAP > We use the  "Distinguished Name" field. If this is incorrect, this is the root cause of the problem.

To verify go to PAM UI > Credentials > Manage Targets > Accounts > A specific account > Active Directory/LDAP > It should be set appropriately. Here is the for example.

 

 

 

Powered by Wolken Software