Password Synchronization from Test AD to Test CAIDM

Article ID: 210493


Products

CA Identity Manager

Issue/Introduction

We have a password synchronization issue from Test AD to Test IDM.

Our AD team has upgraded the PSA agent on one of the test servers and performed a password reset from this AD server. However, IDM did not receive any updated passwords.

It has been concluded that there are a lot of communication issues within the PSA logs. We internally tried changing the port number from 20390 to 20389, but this did not resolve the issue.

There are a lot of communication issues within your logs on the PSA:

            Error: ldap_simple_bind() failed while connecting to 'ldaps://<your host name>:20390'.
            LDAP error: Invalid credentials.
            Error: ldap_simple_bind() failed while connecting to 'ldaps://<your host name>:20390'.
            LDAP error: Invalid credentials.

Environment

Release : 14.3

Component : IdentityMinder(Identity Manager)

Resolution

Reviewing the logs attached we see:

Psynch agent sends the password to the provisioning server

The provisioning server sends the password to the IM server

IM server receives the password via eta notify, and processes the password through the password policies, but has a problem setting the password with this error:

Caused by: javax.naming.CommunicationException: (customer's Hostname Removed):19389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]

There are only a few causes for this error:

1) wrong hostname

2) wrong port

3) the service on that server is not started

4) networking issues between the servers such as firewall or DNS

Basic network troubleshooting can help you here. Broadcom support is for software issues, and since you have not upgraded or changed any Broadcom software, something else in the environment is causing the issue.

Please check causes 1 through 4 above with troubleshooting from your network team.
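
One way to work through causes 1 through 4 from the IM server host is shown below. This is an added example, not Broadcom code: the function name `check_endpoint` and the default target are assumptions, and only the port numbers come from this article. It tests only DNS and TCP reachability; it does not perform an LDAP bind, so it says nothing about the "Invalid credentials" error in the PSA log.

```python
import socket
import sys

# Ports quoted in the article: 19389 (the IM server's refused connection),
# 20389 and 20390 (the two PSA ports that were tried).
ARTICLE_PORTS = (19389, 20389, 20390)


def check_endpoint(host, port, timeout=3.0):
    """Classify one TCP endpoint: open, refused, timeout, dns_failure or unreachable."""
    # Causes 1 and 4: a wrong hostname or broken DNS fails here, before any packet is sent.
    try:
        addrs = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return "dns_failure", f"{host} does not resolve ({exc})"
    result = ("unreachable", f"no usable address for {host}")
    for family, socktype, proto, _, sockaddr in addrs:
        with socket.socket(family, socktype, proto) as sock:
            sock.settimeout(timeout)
            try:
                sock.connect(sockaddr)
                return "open", f"{sockaddr[0]}:{port} accepts TCP connections"
            except ConnectionRefusedError:
                # The host answered but nothing listens on the port (causes 2 and 3),
                # or a firewall actively rejects the connection (cause 4).
                result = ("refused", f"{sockaddr[0]}:{port} refused the connection")
            except socket.timeout:
                # Silence usually points to a filtering firewall or routing problem (cause 4).
                result = ("timeout", f"{sockaddr[0]}:{port} did not answer in {timeout}s")
            except OSError as exc:
                result = ("unreachable", f"{sockaddr[0]}:{port}: {exc}")
    return result


if __name__ == "__main__":
    # Hypothetical usage: pass the hostname taken from your own IM configuration.
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    for p in ARTICLE_PORTS:
        verdict, detail = check_endpoint(target, p)
        print(f"{p}: {verdict:12} {detail}")
```

A "refused" result reproduces the exception in the IM server log; "timeout" instead of "refused" shifts suspicion from the service itself to a firewall or routing.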