"Could not connect to LDAP server" When Trying to Update PAMSC Bind Account's Password


Article ID: 408705


Products

CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

When trying to update the AD bind account for Enterprise Management in idmmanage, the following error occurs.

  • Could not connect to LDAP server adserver.example.com:389 with User DN CN=ExampleBindUser,OU=Users,DC=example,DC=com and specified password

Environment

PAM Server Control 14.1

Cause

As part of the instructions to Enable CA Identity Manager Management Console, Wildfly has to be restarted. If the bind account's password was changed in Active Directory before Wildfly was restarted, the initial LDAP connection cannot be made during Wildfly startup, and idmmanage will be unable to update ac-dir with the new password.

Resolution

Set the bind user's password back to the original value in Active Directory and restart Wildfly with idmmanage enabled. Once Wildfly has started with a clean LDAP bind, update the password in AD and upload the new ac-dir xml in idmmanage.

If the password cannot be rolled back to the original value, please open a support case and refer to this KB article.
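
Before restarting Wildfly, the bind account can be tested directly against the directory to confirm which password it currently accepts. The script below is an added example, not part of the original article or of the product; it assumes the OpenLDAP client tool `ldapwhoami` is installed, uses the example host and DN from the error message above, and its function names and sample error text are constructed for illustration.

```shell
#!/bin/sh
# Host and DN are the example values from the error message in this article.
LDAP_URI="ldap://adserver.example.com:389"
BIND_DN="CN=ExampleBindUser,OU=Users,DC=example,DC=com"

# Constructed sample of ldapwhoami stderr for a rejected bind (not real output).
SAMPLE_FAILURE='ldap_bind: Invalid credentials (49)
	additional info: 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839'

# Map ldapwhoami's failure text to a diagnosis keyword. For result code 49,
# Active Directory puts a hex sub-code after "data" that gives the real reason.
classify_bind_failure() {
    case $1 in
        *"Can't contact LDAP server"*) echo "server_unreachable"; return 0 ;;
        *"Invalid credentials (49)"*) ;;
        *) echo "unknown_failure"; return 0 ;;
    esac
    sub=$(printf '%s\n' "$1" | sed -n 's/.*, data \([0-9a-fA-F]*\),.*/\1/p' | head -n 1)
    case $sub in
        525) echo "user_not_found" ;;
        52e) echo "wrong_password" ;;
        532) echo "password_expired" ;;
        533) echo "account_disabled" ;;
        773) echo "must_change_password" ;;
        775) echo "account_locked" ;;
        *)   echo "invalid_credentials" ;;
    esac
}

# Try a simple bind as the bind account. PW_FILE must hold the password with
# no trailing newline (ldapwhoami -y uses the whole file) and be mode 0600.
# Simple bind on 389 is unencrypted; add -ZZ to require StartTLS if available.
check_bind() {
    pw_file=$1
    if err=$(ldapwhoami -x -H "$LDAP_URI" -D "$BIND_DN" -y "$pw_file" 2>&1 >/dev/null); then
        echo "bind_ok"
    else
        classify_bind_failure "$err"
        return 1
    fi
}

# Run only when invoked as: sh check_bind.sh --run /path/to/pwfile
if [ "${1:-}" = "--run" ]; then
    check_bind "$2"
fi
```

A result of `bind_ok` with the original password means Wildfly can be restarted as described above; `account_locked` or `account_disabled` points to a problem with the account in AD rather than with the password.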

Additional Information

When updating the bind user's password in the future, please refer to KB408856 - How To Update the LDAP Bind User for PAMSC Enterprise Management for the exact order of steps needed to update the password.