This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Umberto Fezfooteroopsi
Jun 23, 2015, 12:50 PM
11 Posts
topic has been resolvedResolved

Directory assistance

  • Category: Domino Server
  • Platform: Linux
  • Release: 9.0.1
  • Role:
  • Tags:
  • Replies: 5

Hi,

I configured Direstory assistance against Tivoli Directory server.

Configuration was verified with verify buttons in LDAP configuration section and all were success (hostname, auth. credential for search and base DN)

 After restart I have this message on domino console:

<LDAP GW> LDAP server is unavailable ReturnCode=0x0051 (Can't contact LDAP server)

 

Thank you

 

~Dexter Deswechekynds
Jun 23, 2015, 1:28 PM
191 Posts
Some things you can try
  • Try the verify buttons again, after the restart
  • Use a different LDAP client on the Domino system or telnet to port 389/636
  • Use an LDAP client or telnet on another system to make sure it's not the LDAP server
~Umberto Fezfooteroopsi
Jun 23, 2015, 1:52 PM
11 Posts
Re:Some things you can try

I touch verify buttons after restart and it's ok.

Connections from softerra LDAP browser with LDAP BIND user is ok.

I tried telnet to port 636 from Red Hat where is installed domino.

It's connected for one second and then I get: Connection closed by foreign host.

 

This is one more new message from domino console after sever restart:

[05891:00006-13432640] 06/23/2015 03:39:54 PM  Error attempting to access the Directory *server.acme.com:636 (no available alternatives),  error is LDAP Server is NOT available.

 

 

~Dexter Deswechekynds
Jun 23, 2015, 8:51 PM
191 Posts
I'd guess it's related to the LDAP certificate
I'm assuming the LDAP browser approach was also over LDAPS and that it was successful. If so, that probably means you are experiencing a certificate failure of some kind when communicating with the LDAP server and that it manifests as the server being unavailable. As a test, switch to LDAP (389) and see if this works. If so, you'll need to make sure you have an internet cross-certificate for the LDAP server's certificate.

As far as I remember, the validation buttons are unreliable when using LDAPS.
~Umberto Fezfooteroopsi
Jun 24, 2015, 2:08 PM
11 Posts
Re:I'd guess it's related to the LDAP certificate

When I changed configuration to port 389 all worked fine.

I made internet cross certificate and it's ok.

 

Thank you for help


This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal