Unable to configure the RADIUS validation server with LDAPS user store enabled on Symantec VIP Enterprise Gateway

search cancel

Unable to configure the RADIUS validation server with LDAPS user store enabled on Symantec VIP Enterprise Gateway

book

Article ID: 234449

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

We see below error in the logs when configuring LDAPS SSL.

ERROR "2022-01-19 10:52:03.682 GMT+0000" "[VipDiagnostic:testLDAPConnectivityFromValServer] LDAP Bind failed. Error: UNKNOWN_ERROR. Error code: 0x51."

AND

ERROR "2022-02-11 04:38:13.630 GMT0000" 0.0.0.0 LDAPS:1815 0 81 "text=code=81 desc=ldap_connect():Failed Server Down elapsed time 0.000" Thread-744 VSValidationServer.cpp

Environment

EG 9.9.2, 9.10

Cause

Either intermediate or CA certificate missing from the Windows certificate store.

Resolution

Adding the root and the intermediate certificate to the Windows certificate store.

Navigate to MMC (Enterprise Gateway Server) -> Add/Remove Snap-in -> Certificates and import the root and the intermediate certificates that are associated with LDAP.

Please Note: Above resolution works, only if the LDAPs bind and Test connection from EG console is successful.

Additional Information

Please refer to the Microsoft KB and LDAP Wiki for the LDAP Bind errors: " LDAP Bind failed. Error: UNKNOWN_ERROR. Error code: 0x51." and text=code=81 desc=ldap_connect().

https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ldap/return-values

https://ldapwiki.com/wiki/LDAP%20Result%20Codes

Feedback

thumb_up Yes

thumb_down No