Troubleshooting LDAP connection issues
Use this information to troubleshoot possible Lightweight Directory Access Protocol (LDAP) connection issues.
About this task
During the LDAP authentication process, general authentication
or internal authentication failures might occur, that can prevent
a successful login. General authentication failures are due to incorrect
user name and password entries. Internal authentication failures
can be caused by any of the following errors:
- connection error
- connection timeout
- filter syntax error
- search attribute error
- communication error
- resource shortage error
Your user name or password is not valid.When a user reports that they cannot log in to the system, even though they are typing the correct password, the administrator can review system events to find out what is causing the authentication issue.
Note: Numerous
types of events might be recorded in the system log. To only view
LDAP events, sort them by changing the Type field to LDAP.
If LDAP does not appear in the list, that means that no LDAP connection
issues were detected.
A message might be displayed in the log,
similar to the following example: CWZIP4665W: The connection to LDAP has failed. The following error occurred: CommunicationException: 172.16.248.10:389
This message communicates that an error occurred during a connection attempt to the LDAP server, which might be due to an incorrect Cloud Pak System login. It can also be caused by a mis-configured parameter under the LDAP settings tab. To troubleshoot LDAP connection failures, complete the following procedure:
Procedure
Results
A resolution event entry is created on the Events page, that informs you that the connection to the LDAP server has been restored, following an internal error with the LDAP server. The event is generated only once a successful request to the LDAP server has been made. You might see a message similar to the following example:
CWZIP4666I: The connection to LDAP has been restored.