UVMS: The server cannot be reached: LDAP Access denied

book

Article ID: 86736

calendar_today

Updated On:

Products

CA Automic Dollar Universe

Issue/Introduction

While login to UVMS with a LDAP Account, we get the following error:

==========================================================
The server cannot be reached: LDAP Access denied
==========================================================


Check with unicheckldap:

==========================================================
./unicheckldap -login "Compte $U Ldap Bind" -password *******************
UVMS configured with INTERNAL authentication.

Loading ldap.xml
********************
ldap.xml loaded. 1 configuration(s) found(s)
********************

Checking configuration: [LDAP Repository]:
Host: vmsdmdc003uuuu.orsyptst.com Port: 389 SSL: false
cannot connect to ldap server: javax.naming.CommunicationException: vmsdmdc003uuuu.orsyptst.com:389 [Root exception is java.net.UnknownHostException: vmsdmdc003uuuu.orsyptst.com]
FAILURE Host: vmsdmdc003uuuu.orsyptst.com configuration is KO
********************
==========================================================
This error messages shows clearly that the ldap server cannot be reached 


Description :Ldap authentication ceased to work. Login of LDAP user is no longer possible in UVC

Cause

 The problem is due to the fact that the name of the host running the ldap has changed and not been updated in the ldap.xml:
Parameter .... in ldap.xml is no longer valid and must be updated:vmsdmdc003uuuu.orsyptst.com
 

Environment

OS: Linux

Resolution

The ldap.xml must be updated with the new hostname of the ldap server and uvms must be restarted.

The new settings must be checked with unicheckldap

========================================================================================
./unicheckldap -login pos -password XXXXXXXXX
UVMS configured with INTERNAL authentication.

Loading ldap.xml
********************
ldap.xml loaded. 1 configuration(s) found(s)
********************

Checking configuration: [LDAP Repository]:
Host: vmsdmdc002.orsyptst.com Port: 389 SSL: false

---------------------------------------------
supported SASL mechanisms:
+ GSSAPI
+ GSS-SPNEGO
+ EXTERNAL
+ DIGEST-MD5
DIGEST-MD5 mechanism supported.
---------------------------------------------
SUCCESS Host: vmsdmdc002.orsyptst.com configuration is OK
User search filter: (samaccountname=!login!)
User list search filter: objectclass=person
Group list search filter: (objectClass=group)
Nested group: false
Referral: true
SUCCESS Login: pos found on the LDAP server
SUCCESS Login: pos authentication successful

========================================================================================

The server must be reachable
The user must be found
The password must be correct