3 Replies Latest reply on Aug 5, 2016 2:07 PM by jesse.fuller

    Trouble creating LDAP connection

    erwinh

      I've tried to set up LDAP.

      These are our settings:

       

      Primary: host 188.202.61.154

      Port: 389

      Base DN: ou=org,dc=anker,dc=gin

       

      When I enter these credentials I get the following message: Fout bij verbinden met directoryserver op ldap://188.202.61.154:389. Zorg ervoor dat de directoryserver uitvoert op de gespecificeerde hostnaam en poort en dat een firewal toegang tot de server niet blokkeert.

      Translated: Error connecting directory server on ldap://188.202.61.154:389. Ensure that the directory server is running at the specified host name and port and that a firewall is not blocking access to the server.

       

      This IP is NATed to our internal server. Now I also have access to our firewall and I see no activity on port 389. You could say that this IP does not belong to our organization, but I have another SaaS application that also uses LDAP (and works). Also the credentials are not an issue. If these were wrong I would still be seeing activity on port 389.

       

       

       

      Did some testing. My findings: port 8080 in the console gives: Error connecting to the directory server at ldap://188.202.61.154:8080. Ensure that the directory server is running at the specified host name and port and that a firewall is not blocking access to the server.

      Logging firewall:  2016-07-07 14:44:33 Deny 204.93.80.118 188.202.61.154 webcache/tcp 61219 8080 0-GLAS Firebox Denied 60 52 (Unhandled External Packet-00)  proc_id="firewall" rc="101" msg_id="3000-0148" tcp_info="offset 10 S 1208583647 win 2105"

       

      Changed it to port 80, which gives an error: Error connecting to the directory server at ldap://188.202.61.154:80. Ensure that the directory server is running at the specified host name and port and that a firewall is not blocking access to the server.

      Logging firewall:  2016-07-07 14:44:01 Deny 204.93.80.119 188.202.61.154 http/tcp 59197 80 0-GLAS Firebox Denied 60 52 (Unhandled External Packet-00)  proc_id="firewall" rc="101" msg_id="3000-0148" tcp_info="offset 10 S 4284650947 win 2105"

       

      Changed it to port 443, error: 188.202.61.154:443; socket closed, and no activity on our firewall.

       

      And finally port 389: Error connecting to the directory server at ldap://188.202.61.154:389. Ensure that the directory server is running at the specified host name and port and that a firewall is not blocking access to the server. And nothing is happening in our firewall.

       

       

       

      Now Jive also did some testing on July 8th and found in our firewall this test:

      FWAllow, Allowed, pri=4, disp=Allow, policy=LDAP-.in-00, protocol=ldap/tcp, src_ip=85.17.187.195, src_port=58033, dst_ip=188.202.61.154, dst_port=389, dst_ip_nat=172.16.2.11, src_intf=0-GLAS, dst_intf=1-LAN, rc=100, pckt_len=52, ttl=115, pr_info=offset 8 S 606052696 win 32

      This testing is done from IP 85.17.187.195 and the web interface from IP 204.93.80.118.

       

       

      My conclusion is that the web interface for setting up LDAP -> People -> Directory server is not working correctly.

       

      Kind regards

      Erwin Henstra
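
The by-eye comparison of firewall entries in the post above can be scripted. This is an added example, not part of the original post and not Jive or WatchGuard tooling: it parses the two Firebox log layouts quoted in the post and lists, per destination port, which source IPs arrived and how the firewall disposed of them. The positional field order is inferred from the two quoted lines, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Log lines copied from the post above (trailing fields shortened).
LOGS = [
    '2016-07-07 14:44:33 Deny 204.93.80.118 188.202.61.154 webcache/tcp '
    '61219 8080 0-GLAS Firebox Denied 60 52 (Unhandled External Packet-00)',
    '2016-07-07 14:44:01 Deny 204.93.80.119 188.202.61.154 http/tcp '
    '59197 80 0-GLAS Firebox Denied 60 52 (Unhandled External Packet-00)',
    'FWAllow, Allowed, pri=4, disp=Allow, policy=LDAP-.in-00, protocol=ldap/tcp, '
    'src_ip=85.17.187.195, src_port=58033, dst_ip=188.202.61.154, dst_port=389, '
    'dst_ip_nat=172.16.2.11, src_intf=0-GLAS, dst_intf=1-LAN, rc=100',
]

# Assumed positional layout: date time disposition src dst service sport dport ...
POSITIONAL = re.compile(
    r'^\S+ \S+ (?P<disp>Allow|Deny) (?P<src>\S+) (?P<dst>\S+) \S+ \d+ (?P<dport>\d+)\b')
# Second layout: comma-separated key=value pairs.
KEYVAL = re.compile(r'(\w+)=([^,]+)')

def parse(line):
    """Return (disposition, src_ip, dst_ip, dst_port), or None if unrecognised."""
    m = POSITIONAL.match(line)
    if m:
        return m['disp'], m['src'], m['dst'], int(m['dport'])
    kv = dict(KEYVAL.findall(line))
    if {'disp', 'src_ip', 'dst_ip', 'dst_port'} <= kv.keys():
        return kv['disp'], kv['src_ip'], kv['dst_ip'], int(kv['dst_port'])
    return None

def summarize(lines, dst_ip):
    """Map each destination port on dst_ip to the (src_ip, disposition) pairs seen."""
    seen = defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec and rec[2] == dst_ip:
            disp, src, _, dport = rec
            seen[dport].add((src, disp))
    return dict(seen)

def sources_on_port(lines, dst_ip, port):
    """Source IPs that reached the firewall for dst_ip on the given port."""
    return {src for src, _ in summarize(lines, dst_ip).get(port, set())}

if __name__ == '__main__':
    for port, hits in sorted(summarize(LOGS, '188.202.61.154').items()):
        print(port, sorted(hits))
```

Run over a full export of the traffic log, an empty result for port 389 from the web interface's source addresses shows that those connection attempts never arrived at the firewall at all, as opposed to arriving and being denied.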

        • Re: Trouble creating LDAP connection

          Hi Erwin,

           

          Reviewing through your description of the behavior I would recommend submitting a case in your customer group here in the Jive Community so that the next available member of our support team can assist with further investigations specific to your instance.

           

          Thanks!

            • Re: Trouble creating LDAP connection
              erwinh

              Hi Jesse,

              Sorry for my ignorance, but I thought Jive support could help me. Where do I find my customer group?

              Kind regards

              Erwin

                • Re: Trouble creating LDAP connection

                  Hi Erwin,

                   

                  No worries, to find your customer group, if your community manager has added you to the group, you should find it under the Get Help >> MyJive Group link found at the top of this page.

                   


                   

                  However, if you are not taken to your customer group, please reach out to the community manager for your instance as they will need to invite you to the group so that you can submit cases on behalf of your company.

                   

                  Thanks!

                  1 person found this helpful