Symantec VIP Self service portal (SSP) or VIP Radius services not starting - or - LDAP Synchronization failing
search cancel

Symantec VIP Self service portal (SSP) or VIP Radius services not starting - or - LDAP Synchronization failing

book

Article ID: 234769

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

Unable to start Self service portal (SSP) and/or Radius services on the VIP Enterprise Gateway Server. Will also prevent the LDAP Synchronization from completing.

Cause

Any service that requires a User Store connection requires the User Stores to have a currently valid connection in order to start. When one of the User Stores will not connect, it will prevent the Self Service Port, Manager IdP, and any Radius service (configured with User Store connection) from starting. This will also prevent the LDAP Synchronization from completing.

Resolution

The VIP Self-Service Portal log will have the most accurate information on the User Store connection:

<INSTALL DIR>Symantec\VIP_Enterprise_Gateway\IDP\services\SSP\logs\service.log

 

This error refers to the Bind User account from the 'User Store > Connection' failing to connect to the LDAP Directory.

LDAP Result Code 49 sub-codes for Authentication Failures (source: https://learn.microsoft.com/en-us/windows/win32/debug/system-error-codes--1300-1699-):

Most common errors found:

  • 525 = user object not found
  • 52e = invalid password/credential
  • 53f = credential policy violation
  • 530 = time restriction in place
  • 531 = not permitted to logon at this workstation
  • 532 = password expired / DN username mismatch
  • 533 = account disabled
  • 568 = too many context identifiers
  • 701 = account expired
  • 773 = username/password valid, must reset password
  • 775 = account lockout

 

To resolve this issue verify the Bind User account and password are still valid and that the password is set to "Never Expire".

 

Powered by Wolken Software