AdminUI won't bind to AD for Administrative Authentication.
While going through the external admin store configuration wizard, the administrator enters the external user directory connection information and gets the following error in the Admin UI:
Error: A connection to the LDAP directory 'ad.demo.com:389' could not be established for user 'ad_service_account', please check the connection details and try again.
Policy server: 12.8sp2, 12.8sp3
Customer has verified that the AD service account and password are correct.
If AD is listening on the default port 389, you may remove the port number to move forward within the wizard.
If AD is listening on a non-default port, then you must provide the specific port.
If the LDAP server is listening on a secure port and the bind still fails with the exact same error, even after the root CA certificate is imported, there is a documented defect fixed in 12.8sp4.
01234914, 01253095, 31919674
DE397317, DE394001, DE463142
Administrative UI fails to connect to an external administrative authentication store using TLS 1.2.
Dev fix: cacommons.jar
STEPS TO INSTALL DEVFIX:
1- Stop AdminUI.
2- Take a backup of the original file cacommons.jar from the AdminUI installed path /opt/CA/siteminder/adminui/standalone/deployments/iam_siteminder.ear/library/ to another location.
3- Copy the new file to the AdminUI installed path /opt/CA/siteminder/adminui/standalone/deployments/iam_siteminder.ear/library/
4- Start AdminUI.
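Steps 2 and 3 can be scripted so that the backup and the installed jar are both verified by hash, with a rollback if the copy goes wrong. This is an added example, not vendor-supplied code: the function name install_devfix is hypothetical, sha256sum is assumed to be available, and stopping and starting AdminUI (steps 1 and 4) is left to the operator.

```shell
#!/bin/sh
# Added example: steps 2 and 3 with integrity checks. Run only while AdminUI is stopped.
# Assumptions: sha256sum is available; the operator chooses the backup directory.
LIB_DIR_DEFAULT=/opt/CA/siteminder/adminui/standalone/deployments/iam_siteminder.ear/library

sha256_of() { sha256sum "$1" | awk '{print $1}'; }   # digest only, no filename

# usage: install_devfix NEW_JAR BACKUP_DIR [LIB_DIR]; prints the backup path on success
install_devfix() {
    new_jar=$1; backup_dir=$2; lib_dir=${3:-$LIB_DIR_DEFAULT}
    target="$lib_dir/cacommons.jar"
    [ -f "$new_jar" ] || { echo "new jar not found: $new_jar" >&2; return 2; }
    [ -f "$target" ] || { echo "original not found: $target" >&2; return 2; }
    [ -d "$backup_dir" ] || { echo "backup dir not found: $backup_dir" >&2; return 2; }

    # Step 2 says "another location": refuse a backup dir inside the library
    # directory, so a second copy of the jar is never left in the deployment.
    lib_real=$(cd "$lib_dir" && pwd -P) || return 2
    bak_real=$(cd "$backup_dir" && pwd -P) || return 2
    case "$bak_real/" in
        "$lib_real"/*) echo "backup dir must be outside $lib_real" >&2; return 3 ;;
    esac

    # Step 2: copy the original aside and confirm the copy is byte-identical.
    backup="$bak_real/cacommons.jar.$(date +%Y%m%d%H%M%S).orig"
    cp -p "$target" "$backup" || return 4
    [ "$(sha256_of "$target")" = "$(sha256_of "$backup")" ] ||
        { echo "backup verification failed" >&2; return 4; }

    # Step 3: overwrite in place (keeps the existing file's owner and mode),
    # then confirm the deployed jar matches the dev fix; roll back otherwise.
    if ! cp "$new_jar" "$target" ||
       [ "$(sha256_of "$target")" != "$(sha256_of "$new_jar")" ]; then
        cp -p "$backup" "$target"
        echo "install failed; original cacommons.jar restored" >&2
        return 5
    fi
    echo "$backup"
}

# Stand-alone use: sh install_devfix.sh NEW_JAR BACKUP_DIR [LIB_DIR]
if [ "$#" -ge 2 ]; then install_devfix "$@"; fi
```

The printed backup path is the file to copy back over cacommons.jar if AdminUI does not start cleanly after step 4.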
DE394001 12.7 Linux version cacommons.jar
DE495124, DE389355 cacommons.zip file contains 12.8 Windows cacommons.jar