Frequent Directory sync issues on VMware Identity Manager/vIDM


Article ID: 394882


Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

  • Frequent directory sync failures on domains block domain user authentication.

  • While syncing the group, the following errors can appear on the directory's Sync Settings > Sync Log page:

-Failed to complete sync. Please check safeguards

-Problem querying directory for query OU=xxx,OU=xx,OU=xx,DC=xxx,DC=xxx: Host ldap://xxxxx, Reason - LDAP connection has been closed. 

 

Environment

 VMware Identity Manager / vIDM 3.3.7

Resolution

  • Safeguards

To complete the synchronization successfully, either increase the percentage threshold of the safeguard on the Sync Safeguard settings page, or schedule a dry run of the sync and check Ignore Safeguards. When you choose to ignore the safeguard threshold value, the safeguard values are skipped for this sync session only. When directory sync is run for the first time, the sync safeguard values are not enforced.

  •  LDAP connection has been closed

Check connectivity between VMware Identity Manager / vIDM and the LDAP server by running the commands below over SSH, using root credentials, from the VMware Identity Manager / vIDM node(s).

ping ldap_server

curl -v telnet://ldap_server:port

curl -v https://ldap_server:port 

Check LDAP Server Status

Note:

Check the port (default is 389 for LDAP, 636 for LDAPS):
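
Added example, not part of the original article: a shell helper that extracts the directory hosts named in "LDAP connection has been closed" Sync Log lines and runs the curl TCP check from above against each one on the default ports 389 and 636. The sample log text, host names and the function names closed_hosts, check_port and triage are constructed for illustration; it assumes the Sync Log text has been saved to a file on the vIDM node.

```shell
#!/bin/sh
# Constructed sample Sync Log text in the format quoted above; hosts and DNs are made up.
SAMPLE_LOG='Problem querying directory for query OU=Eng,DC=example,DC=test: Host ldap://dc01.example.test, Reason - LDAP connection has been closed.
Failed to complete sync. Please check safeguards
Problem querying directory for query OU=Ops,DC=example,DC=test: Host ldap://dc02.example.test:389, Reason - LDAP connection has been closed.
Problem querying directory for query OU=HR,DC=example,DC=test: Host ldap://dc01.example.test, Reason - LDAP connection has been closed.'

# closed_hosts: read Sync Log text on stdin and print "count host" for every
# directory host that reported a closed LDAP connection, most frequent first.
closed_hosts() {
    grep 'LDAP connection has been closed' |
        sed -n 's#.*Host ldaps\{0,1\}://\([^,:/ ]*\).*#\1#p' |
        sort | uniq -c | sort -rn | awk '{print $1, $2}'
}

# check_port HOST PORT: same TCP check as "curl -v telnet://ldap_server:port",
# with timeouts so an unreachable server cannot hang the session.
# curl -v writes "Connected to ..." to stderr once the TCP handshake completes.
check_port() {
    if curl -v --connect-timeout 5 --max-time 8 "telnet://$1:$2" </dev/null 2>&1 |
        grep -q 'Connected to'; then
        echo "$1:$2 reachable"
    else
        echo "$1:$2 NOT reachable"
        return 1
    fi
}

# triage FILE: check every host named in FILE's connection-closed errors.
# Usage on the vIDM node (file path is an assumption): triage /tmp/synclog.txt
triage() {
    closed_hosts < "$1" | while read -r count host; do
        echo "$host: $count closed-connection error(s) in sync log"
        check_port "$host" 389 || true
        check_port "$host" 636 || true
    done
}
```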

 

Additional Information