Adding Active Directory Authentication Source fails with “Test unsuccessful for ldap:” and “Host Unreachable. Reason: SocketTimeoutException: connection timed out” messages for the Host.
Aria Operations 8.x
The most likely cause is the network security configuration (like a firewall).
Confirm that network security configuration is preventing connections from the VMware Aria Operations nodes to port 636 on the Active Directory host.
From a root shell on a VMware Aria Operations node, run tests such as:
curl -k -v telnet://AD_HOST:636
echo | timeout 1 openssl1 s_client -showcerts -connect AD_HOST:636 2>/dev/null | openssl x509 -noout -issuer -subject -dates
where AD_HOST is the FQDN of the Active Directory host that is to be used as the authentication source.
If these command line tests fail with timeouts, you have confirmed that the error messages “Test unsuccessful for ldap:” and “Host Unreachable. Reason: SocketTimeoutException: connection timed out” that were returned by running the TEST of the VMware Aria Operations Active Directory Authentication Source configuration are caused by something other than the VMware Aria Operations product code. Network security configuration (like a firewall) is the most likely cause.
Work with your network security team to allow the test commands to connect.
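The following script is an added example, not part of the original article or of VMware Aria Operations. It separates the timeout case described above (packets silently dropped on the path) from an immediate failure (the host or a firewall actively rejected the connection, or the name did not resolve). The function names are hypothetical, and it assumes bash and the coreutils timeout command are available on the node.

```shell
#!/usr/bin/env bash
# Added example: classify a TCP probe to the LDAPS port of AD_HOST.
# Usage (AD_HOST is the FQDN placeholder used in the article):
#   ./probe_ldaps.sh AD_HOST [AD_HOST2 ...]

# Map the probe's exit status to a verdict.
#   0   -> TCP handshake completed
#   124 -> timeout(1) ended the probe: no reply at all, packets dropped
#   *   -> immediate failure: reset received, no route, or name unresolved
classify_probe() {
    case "$1" in
        0)   echo open ;;
        124) echo timeout ;;
        *)   echo refused ;;
    esac
}

# Attempt a TCP connection to host ($1), port ($2, default 636),
# waiting at most $3 seconds (default 3). Prints the verdict.
probe_ldaps() {
    p_host=$1; p_port=${2:-636}; p_wait=${3:-3}
    p_rc=0
    # bash's /dev/tcp pseudo-device opens the socket; no data is sent.
    timeout "$p_wait" bash -c 'exec 3<>"/dev/tcp/$0/$1"' \
        "$p_host" "$p_port" 2>/dev/null || p_rc=$?
    classify_probe "$p_rc"
}

# Report on every host named on the command line (none: do nothing).
for p_target in "$@"; do
    case "$(probe_ldaps "$p_target" 636 3)" in
        open)
            echo "$p_target:636 open: TCP path is clear; re-run the openssl test" ;;
        timeout)
            echo "$p_target:636 timeout: traffic is being dropped between this node and the host" ;;
        refused)
            echo "$p_target:636 failed immediately: check name resolution and that LDAPS is listening" ;;
    esac
done
```

Run it from each VMware Aria Operations node, since firewall rules can differ per source address.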