Could not connect to the directory server using the specified network parameter

book

Article ID: 198865

calendar_today

Updated On:

Products

Data Loss Prevention Network Monitor and Prevent for Email and Web

Issue/Introduction

  • You just upgraded to Symantec Data Loss Prevention (DLP) 15.7 and you are getting an error when trying to test your Active Directory server connection.
  • Incident attributes are also not populating in the incident details page.

Cause

SSL communication is enabled in the Directory Server Connection settings and the previously configured certificates or path are no longer working.

You see the following error in the tomcat localhost log:

File: Enforce\logs\tomcat\localhost.yyyy-mm-dd.log
Date: m/d/yyyy hh:mm:ss am/pm
Thread: nnn
Level: WARNING
Source: com.vontu.manager.admin.directoryconnection.DirectoryConnectionManager
Message: Test Directory Connection Failed: 
Cause:
org.springframework.ldap.CommunicationException: simple bind failed: AD_server_name:port; nested exception is javax.naming.CommunicationException: simple bind failed: AD_server_name:port [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]org.springframework.ldap.CommunicationException: simple bind failed: AD_server_name:port; nested exception is javax.naming.CommunicationException: simple bind failed: AD_server_name:port [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

Environment

Release : 15.x

Component : Enforce Server

Resolution

Reconfigure the certificate on the Enforce server by following the steps in the help guide Importing SSL certificates to Enforce or Discover servers.