Waters

The error "Can't contact LDAP server (-1) : (null)" appears when testing an LDAP connection with TLS in NuGenesis 9 SDMS - WKB59312

Article number: 59312

SYMPTOMS

  • The following error message appears in SDMS Administrator when testing an LDAP connection with TLS:
    • Can't contact LDAP server (-1) : (null)
  • The LDAP connection test works if TLS is not selected

ENVIRONMENT

  • NuGenesis 9 SDMS
  • The LDAP server's certificates are copied into the Trusted Root Certificate Authorities store in Windows

CAUSE

Port 636 or 6360 was configured for the TLS connection. In NuGenesis 9, secure LDAP connections use port 389 and send the "STARTTLS" command on that connection to encrypt the data transfer.

FIX or WORKAROUND

Use port 389 for all of the LDAP servers (up to five) in the list.

ADDITIONAL INFORMATION

See also: WKB76455 for the equivalent error in Empower 3 FR5

Per the IETF's RFC 2830, the old means of securing LDAP connections via port 636 is deprecated. NuGenesis 9 was updated to use the standard "STARTTLS" mechanism for securing LDAP connections.
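
To confirm that a directory server accepts "STARTTLS" on port 389 before changing the SDMS settings, the exchange can be reproduced by hand. The following is an added example, not Waters or NuGenesis code: the function names are illustrative, the two sample replies are constructed, and the decoder assumes short-form BER lengths (elements under 128 bytes).

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 2830)

def tlv(tag, value):
    """Encode one BER element; short-form length only (value under 128 bytes)."""
    return bytes([tag, len(value)]) + value

def starttls_request(msg_id=1):
    """LDAPMessage { messageID, ExtendedRequest [APPLICATION 23] { requestName [0] } }."""
    op = tlv(0x77, tlv(0x80, STARTTLS_OID))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + op)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos); rejects long-form lengths and truncated input."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80 or pos + 2 + buf[pos + 1] > len(buf):
        raise ValueError("truncated or long-form BER element")
    end = pos + 2 + buf[pos + 1]
    return buf[pos], buf[pos + 2:end], end

def starttls_result(reply):
    """Return the LDAP resultCode from an ExtendedResponse (0 = success)."""
    tag, msg, _ = read_tlv(reply, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage (TLS-only port or non-LDAP service?)")
    _, _, pos = read_tlv(msg, 0)            # skip messageID
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x78:                         # [APPLICATION 24] ExtendedResponse
        raise ValueError("not an ExtendedResponse")
    tag, code, _ = read_tlv(op, 0)          # resultCode ENUMERATED
    if tag != 0x0A or len(code) != 1:
        raise ValueError("malformed resultCode")
    return code[0]

def probe(host, port=389, timeout=5):
    """Connect in clear text, request StartTLS, then complete a verified TLS handshake."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(starttls_request())
        code = starttls_result(sock.recv(4096))
        if code != 0:
            return f"StartTLS refused, resultCode={code}"
        ctx = ssl.create_default_context()  # verifies certificate chain and host name
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return f"StartTLS ok, {tls.version()}"

# Constructed sample replies: success (0) and protocolError (2)
SAMPLE_OK = bytes.fromhex("300c02010178070a010004000400")
SAMPLE_REFUSED = bytes.fromhex("300c02010178070a010204000400")
```

Calling `probe()` with the LDAP server's host name runs the check against port 389. On Windows, `ssl.create_default_context()` loads the system certificate stores, so a handshake failure here points at the certificate chain rather than the port.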
