After upgrade to Aria Operations 8.18x from previous version, AD authentication is no longer working, the following repeated errors are displayed:
analytics-XXXXX-XXXX-XXXX-XXX-XXXXXXXXXX.log:Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address XXX.XXX.XX.XXX found
vcops-bridge.log:2024-10-11T17:25:13,422+0000 ERROR [ServerConnection on port 10000 Thread 11] com.vmware.vcops.bridge.server.BridgeTracerAspect.processBridgeResult - Test unsuccessful for ldap: XXX.XXX.XXX.XXX. Host Unreachable. Reason: ConnectException: Connection refused (Connection refused)
analytics-XXXXX-XXXX-XXXX-XXXX-XXXX.log:2024-10-11T15:01:08,601+0000 ERROR [DistTaskSync-XXXX-XXXX-XXXX-XXX-XXXXX] com.vmware.vcops.auth.server.ldap.Sync.run - Groups sync for ldap: NIH failed: Unable to fetch users from LDAP server
Aria Operations 8.18.0 and greater
the issue is with missing SAN (subject alternative name) in the active directory certificate. The AD/LDAP DC controller(s) cannot be reached from the Aria Operations Analytics nodes.
Re-issue the AD certificate that contain reference to the domain in the SAN.