Skip to main content
Waters

Error: Can't contact LDAP server (from SDMS Administrator for Secure LDAP connection test) - WKB7437

Article number: 7437

SYMPTOMS

  • SSL or TLS is enabled in the LDAP authentication settings in SDMS Administrator
  • On clicking the Test Connection button, the following message appears:
    • The following error occurred while trying to connect to server
      <host:port>
      [NG17543] LDAP driver reports error : Can't contact LDAP server
      (81)
      Can't contact LDAP Server
      Unable to bind to LDAP server

    • "host" is the LDAP server's name; "port" is the server's TCP port for secure LDAP communications (this port number is often 636)

  • The connection test is successful if SSL is disabled in the LDAP authentication settings

ENVIRONMENT

  • NuGenesis 9 SDMS
  • NuGenesis 8 SDMS

CAUSE

When the connection test fails with SSL/TLS but succeeds without encryption, the problem most likely stems from the certificates to the NuGenesis applications. SDMS needs enough certificates to verify the LDAP server's identity. This set of certificates generally comprises the Certificate Authority (CA)'s trusted root certificate, and possibly more than one if there are intermediate CAs in the certification chain. The exact set of certificates required is customer-specific and depends on the structure of CAs within the organization.

FIX or WORKAROUND

  1. Request copies of the LDAP server certificate and the trusted root certificate from the CA. For instructions on installing the certificates, please see the following articles:
  2. Repeat the connection test in SDMS Administrator
  3. If the test still fails, then use the SSLTap tool to troubleshoot the connection. Find out how to obtain a copy of SSLTap in the article How to find a list of troubleshooting tools for NuGenesis software.  See the article How to use SSLTap to troubleshoot SSL connection errors for instructions on the SSLTap tool.

ADDITIONAL INFORMATION

 

id7437, comms, SDMS, SDMS8, SDMS8NU, SUPISDMS, SUPNG

Not able to find a solution? Click here to request help.