Ldapbind Via SSL To AD Server Fails With: Unknown Error Encountered
(Doc ID 1288764.1)
Last updated on JANUARY 18, 2024
Applies to:
Oracle Internet Directory - Version 11.1.1.1.0 and later
Information in this document applies to any platform.
Symptoms
Oracle Internet Directory (OID) Server has been properly synchronizing with Active Directory (AD) without SSL. Non-SSL communication works as expected.
After configuring DIP to connect to AD over SSL, synchronization no longer works.
AD has been properly set up and tested for SSL communication on port 636 and is accepting external connections. The CA certificate was also exported from the AD server by following <Note 178806.1> and imported into the wallet on the OID server.
To test communication over SSL to the AD server, the ldapbind command was used:
This returns:
After enabling debugging with the ldapsearch tool (i.e. -d -1, as outlined in <Note 470885.1>), it looks like the wallet cannot be opened, as the output now includes the message "Open Wallet failed."
The wallet path and password have already been verified.
Changes
Cause