VIP Enterprise Gateway LDAP error code 18870
search cancel

VIP Enterprise Gateway LDAP error code 18870

book

Article ID: 162122

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

 VIP Enterprise Gateway LDAP error code 18870

Cause

SAMPLE:
AUDIT "2013-08-24 21:43:06.168 GMT+0800" 10.32.45.12 ValidationEngine 0 18870 "text=Access DENIED Error 18870 occurred at VSAuthOTPFirstFactorImpl.c:512. Description: VSAuthOTPFirstFactorLDAPImpl._validatePassword() -- LDAP error., [email protected], op=authenticate, bizCont=off" Thread-3552 VSValidationEngine.c 
ERROR "2013-08-24 21:43:06.168 GMT+0800" 10.32.45.12 ValidationEngine 0 18870 "text=Error 18870 occurred at VSAuthOTPFirstFactorImpl.c:512. Description: VSAuthOTPFirstFactorLDAPImpl._validatePassword() -- LDAP error., user=..., op=authenticate, bizCont=off" Thread-3932 VSValidationEngine.c 

Resolution

Error 18870 means that first factor (AD password) is failing. 
 
Does the VIP Enterprise Gateway support the DNS round-robin? The VIP EG doesn’t support round-robin.  It will try to auto-connect with the available failover user store
 
What best practice can avoid a service impact if LDAP / AD service is down on one or more servers? Configure multiple user stores as failover to avoid the service impact. 
 
What error is seen in the VIP EG log if the first factor (AD password) is timing out? 
 
When LDAP Timeout happens, the log contains 0x4B03. i.e. 19428 
When LDAP First factor fails, the log contains 0x49B6. i.e. 18870 
 
Powered by Wolken Software