The Search for an LDAP or AD Group Fails

Publication Date: 2012-07-18
Issue Description

When you search for an LDAP group, the message "LDAP search failed" is displayed.

Alarm Information
None
Handling Process
  • Cause one: The LDAP server does not exist or there is no reachable route to the LDAP server.

    1. Log in to the Web-based NMS, and then click System Maintenance in the System Management navigation tree. Click the Remote Test tab. The configuration page is displayed.
    2. Select Ping from the Network test drop-down list.
    3. Enter the IP address of the LDAP server in IP address/Host name.
       NOTE:
       If you enter a host name for the test, you must also enter the name of the virtual gateway in Virtual gateway name under Advanced Parameter Options. Otherwise, the host name cannot be resolved correctly.
    4. Click Ping to check the network connection.
    If the ping to the LDAP server fails, there is no reachable route to it. Check whether the LDAP server exists and troubleshoot the network fault.

  • Cause two: The information about the LDAP server is incorrectly configured.

    1. Click the icon in the Virtual Gateway List navigation tree to expand the node. Then click Authentication and Authorization Configuration and the Authentication and Authorization Server Configuration tab. The configuration page is displayed.
    2. Under the Authentication and Authorization Configuration >> Server Configuration >> LDAP Server title bar, check whether the information about the LDAP server is correct.
    3. If the information is incorrect, re-configure it.

  • Cause three: The base DN/port DN for searching a group is incorrectly configured.

    1. Click the icon in the Virtual Gateway List navigation tree to expand the node. Then click External Group Configuration and the LDAP Group Management tab.
    2. Click the corresponding icon of the group.
    3. Change the value of BaseDN/PortDN. The BaseDN/PortDN in the search conditions must be identical to the one on the LDAP server.

  • Cause four: The searching rules do not comply with specifications.

    1. Click the icon in the Virtual Gateway List navigation tree to expand the node. Then click External Group Configuration and the LDAP Group Management tab.
    2. Click the corresponding icon of the group.
    3. Modify the searching rules according to Search filter on the page.
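
For cause four, a search rule can be checked for well-formedness before it is entered on the LDAP Group Management tab. The following Python checker is an added example, not code from the gateway or its vendor. It assumes the search rules follow the standard LDAP filter string syntax (RFC 4515); the function names and sample filters are constructed for illustration.

```python
import re

# Simplified attribute description (name with ;options, or numeric OID) + operator.
_HEAD = re.compile(r"(?:[A-Za-z][A-Za-z0-9-]*(?:;[A-Za-z0-9-]+)*|\d+(?:\.\d+)+)[~<>]?=")

def check_filter(text):
    """Return None if text is a well-formed search filter, else the first error."""
    try:
        end = _filter(text, 0)
    except ValueError as exc:
        return str(exc)
    return None if end == len(text) else f"unexpected text at position {end}"

def _filter(s, i):
    # filter = "(" ( "&" 1*filter / "|" 1*filter / "!" filter / item ) ")"
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at position {i}")
    i += 1
    if s[i:i + 1] in ("&", "|"):
        i += 1
        if s[i:i + 1] != "(":
            raise ValueError(f"empty filter list at position {i}")
        while s[i:i + 1] == "(":
            i = _filter(s, i)
    elif s[i:i + 1] == "!":
        i = _filter(s, i + 1)
    else:
        i = _item(s, i)
    if s[i:i + 1] != ")":
        raise ValueError(f"expected ')' at position {i}")
    return i + 1

def _item(s, i):
    # item = attribute, operator (=, ~=, >=, <=), value; extensible match not covered
    m = _HEAD.match(s, i)
    if not m:
        raise ValueError(f"expected attribute and operator at position {i}")
    i = m.end()
    while i < len(s) and s[i] != ")":
        # Inside a value, "(" and "\" must appear as \XX hex escapes (e.g. \28).
        bad_escape = s[i] == "\\" and not re.match(r"\\[0-9A-Fa-f]{2}", s[i:i + 3])
        if s[i] == "(" or bad_escape:
            raise ValueError(f"unescaped special character at position {i}")
        i += 1
    return i

# Constructed sample filters, not taken from any real directory.
SAMPLES = ("(&(objectClass=group)(cn=vpn-users))", "(cn=vpn-users", "(cn=a(b))")
if __name__ == "__main__":
    print({f: check_filter(f) or "OK" for f in SAMPLES})
```

A filter that passes this check can still return no entries if the BaseDN/PortDN from cause three does not match the LDAP server.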

     

Root Cause
NOTE:
The causes and troubleshooting procedure for a failed AD group search are similar to those for a failed LDAP group search, so LDAP is used as the example here.

Cause one: The LDAP server does not exist or there is no reachable route to the LDAP server.

Cause two: The information about the LDAP server is incorrectly configured.

Cause three: The base DN/port DN for searching a group is incorrectly configured.

Cause four: The searching rules do not comply with specifications.

Suggestions
None.
