
AdminUI won't bind to LDAP for Administrative Authentication with error "A connection to the LDAP directory could not be established"


Article ID: 211488




SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder)


The AdminUI won't bind to AD for Administrative Authentication.

When going through the external administrator store configuration wizard, the administrator enters the external user directory connection information and gets the following error in the AdminUI:

Error: A connection to the LDAP directory '' could not be established for user 'ad_service_account', please check the connection details and try again.


Windows 2012

Policy server: 12.8sp2, 12.8sp3


Customer has verified that the AD service account and password are correct.


If AD is listening on the default port 389, you may remove the port number to move forward in the wizard.

If AD is listening on a non-default port, you must provide the specific port.

If the LDAP server is listening on a secure port and the bind still fails with the exact same error, even after the root CA certificate is imported, there is a documented defect that is fixed in 12.8sp4.

01234914, 01253095, 31919674
DE397317, DE394001, DE463142
Administrative UI fails to connect to an external administrative authentication store using TLS 1.2.

Dev fix : cacommons.jar 


1- Stop the AdminUI.

2- Back up the original cacommons.jar from the AdminUI installation path /opt/CA/siteminder/adminui/standalone/deployments/iam_siteminder.ear/library/ to another location.

3- Copy the new file to the AdminUI installation path /opt/CA/siteminder/adminui/standalone/deployments/iam_siteminder.ear/library/

4- Start the AdminUI.
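
Steps 2 and 3 above as a shell function that verifies the backup and the copied file and restores the original if the copy fails. This is an added example, not a script from the article or the vendor; the function name, return codes and the "PK" header check are assumptions of this example, and stopping and starting the AdminUI is left to the operator.

```shell
#!/bin/sh
# Added example: steps 2 and 3 of the procedure above (back up, then replace
# cacommons.jar). Stopping and starting the AdminUI stays with the operator.
# Usage: replace_cacommons /path/to/new/cacommons.jar /path/to/backup/dir

# Library path as given in the article; a third argument overrides it.
LIB_DIR_DEFAULT=/opt/CA/siteminder/adminui/standalone/deployments/iam_siteminder.ear/library

sha256_of() { sha256sum "$1" | cut -d' ' -f1; }

replace_cacommons() {
    new_jar=$1; backup_dir=$2; lib_dir=${3:-$LIB_DIR_DEFAULT}
    target="$lib_dir/cacommons.jar"

    [ -f "$target" ] || { echo "original not found: $target" >&2; return 2; }
    [ -f "$new_jar" ] || { echo "new jar not found: $new_jar" >&2; return 2; }

    # A jar is a ZIP archive and starts with the bytes "PK"; this catches an
    # HTML error page or empty file saved under the jar's name.
    [ "$(head -c 2 "$new_jar")" = "PK" ] || { echo "not a jar: $new_jar" >&2; return 3; }

    # Step 2: the backup must go to another location, not the library directory.
    lib_real=$(cd "$lib_dir" && pwd -P) || return 2
    bak_real=$(cd "$backup_dir" 2>/dev/null && pwd -P) ||
        { echo "backup dir missing: $backup_dir" >&2; return 2; }
    [ "$bak_real" != "$lib_real" ] ||
        { echo "backup dir must differ from library dir" >&2; return 4; }
    backup="$backup_dir/cacommons.jar.orig.$(date +%Y%m%d%H%M%S)"
    cp -p "$target" "$backup" || return 5
    [ "$(sha256_of "$target")" = "$(sha256_of "$backup")" ] ||
        { echo "backup does not match original" >&2; return 5; }

    # Step 3: copy the new file over the existing one (keeps its owner and
    # mode), confirm what landed, and restore the original on any mismatch.
    if cp "$new_jar" "$target" &&
       [ "$(sha256_of "$new_jar")" = "$(sha256_of "$target")" ]; then
        echo "replaced $target (backup: $backup)"
        return 0
    fi
    cp -p "$backup" "$target"
    echo "replace failed, original restored" >&2
    return 6
}
```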

Additional Information

DE394001 12.7 Linux version cacommons.jar
DE495124, DE389355 file contains 12.8 Windows cacommons.jar

Attachments
1621459200669__cacommons.jar