search cancel

DX NetOps Portal LDAP authentication failures

book

Article ID: 230528

calendar_today

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

PM is unable to connect to active directory and so no user can logon

Users are unable to log in to the DX NetOps Performance Management PC Portal web UI using their LDAP Active Directory based account.

LDAPS for HTTPS is configured. The LDAPS configuration via SsoConfig is as follows. It was working but no longer does.

Config:
Connection User: {0}
Search Domain: LDAPS://<LDAP_Host>:636/ou=<value>,ou=<value>,DC=<value>,DC=<value>
Search String: [sAMAccountName={0}}
Search Scope: Subtree
User Bind: Disabled
Encryption: DIGEST-MD5
Account User: {SAMAccountname}
Account User Default Clone: user
Status: Enabled
Timeout: 10000

When we use the Test LDAP option via SsoConfig we see the following error.

Could not obtain a DirectoryContext.
javax.naming.CommunicationException: SASL bind failed: <LDAP_Host>:636 [Root exception is java.net.SocketException: Connection or outbound has closed]

Environment

All supported DX NetOps Performance Management releases

Cause

The existing HTTPS Certificate from LDAP had changed but was not yet updated in the PC Portal system.

Resolution

Export the new HTTPS SSL Certificate from the LDAP server and import it to Performance Center.

The steps to complete that process are found on the Import the LDAP Certificate documentation page.