search cancel

LDAP authentication with SSL fails after upgrading to UIM 20.1 on Linux

book

Article ID: 189531

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

UIM 20.1 on Linux OS with Hub 9.30 Build 1209

Problem:
Admin Console, UMP and IM ldap login fails with the following errors in the hub.log:

Hub.log
hub: diagnostic [error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)]
0 hub: ldap_server_login - failed for ldapserver.domain.net: auth (ldap_simple_bind_s) failed: 'Can't contact LDAP server' (-1) (2)

wasp.log
ERROR [http-nio-80-exec-7, com.nimsoft.nimbus.probe.service.wasp.auth.LoginModule] login() User 'LDAPUSer' login failed

Note: The same error is produced when clicking on the "Test" option in the Hub Config -> General -> Settings -> LDAP Menu.

Cause

Problem in Hub 9.30 Build 1209 that will be resolved in a future Hub hotfix

Environment

Release : 20.1

Component : UIM - HUB

Resolution

1. Create a .ldaprc file in your primary hub(hub from which you are connecting to LDAP) and fill with the content below.

TLS_REQCERT allow

2. Add LDAPRC variable to the Controller Environment menu with the path to the .ldaprc file

Example:



3. Restarted the hub (./opt/nimsoft/bin/niminit start)

Additional Information

See HUB - Enable Login with LDAP 
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-1/installing/optional-post-installation-tasks/enable-login-with-ldap.html

Attachments