PAM-CM-0270: LDAP Bind fail: Cannot contact LDAP server <xxxxxxxx.yyy.zzz>

Article ID: 197884

Updated On: 10-03-2023

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

The following error message is displayed when trying to integrate the PAM installation with LDAP on a particular domain controller:
"PAM-CM-0270: LDAP Bind fail: Cannot contact LDAP server <servername>"

Environment

Product: Layer 7 Privileged Access Management
Version: 3.x

Cause

The catalina.out file shows the following errors:

**************************************************************************

Aug 18, 2020 2:28:41 PM org.apache.directory.ldap.client.api.LdapNetworkConnection writeRequest
SEVERE: Message failed : something wrong has occurred
Aug 18, 2020 2:28:41 PM com.ca.pam.rest.LDAPService createLdapConfig
SEVERE: LDAP Bind fail: Cannot contact LDAP server <servername>
Aug 18, 2020 2:29:46 PM org.apache.directory.ldap.client.api.LdapNetworkConnection exceptionCaught
WARNING: Connection reset by peer
java.io.IOException: Connection reset by peer
 at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
 at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
 at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
 at sun.nio.ch.IOUtil.read(IOUtil.java:197)
 at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:377)
 at org.apache.mina.transport.socket.nio.NioProcessor.read(NioProcessor.java:317)
 at org.apache.mina.transport.socket.nio.NioProcessor.read(NioProcessor.java:45)
 at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:683)
 at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:659)
 at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:648)
 at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68)
 at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1120)
 at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
 at java.lang.Thread.run(Thread.java:748)

Aug 18, 2020 2:29:46 PM org.apache.directory.ldap.client.api.LdapNetworkConnection writeRequest
SEVERE: Message failed : something wrong has occurred
Aug 18, 2020 2:29:46 PM com.ca.pam.rest.LDAPService createLdapConfig
SEVERE: LDAP Bind fail: Cannot contact LDAP server <servername>

**************************************************************************

The 'Connection reset by peer' error appears when the other side resets the connection, most likely because it does not allow it. Either the domain controller itself or a network device between the PAM server and the domain controller is preventing the connection.

Resolution

Ask your network team, firewall team, security team, or whoever in your organization manages network device configuration to review the settings for anything that may block communication between the PAM server and the LDAP domain controller.