LDAP SSL - invalid user account-LdapErr-DSID-0C090FB4-Error-initializing-SSL


Article ID: CTX222350


Description

ISSUE: 

Users cannot log in after changing LDAP authentication to LDAP SSL authentication.

Error message:   Invalid user account.

 

Symptom:

A network trace shows the following.

For TLS: 

22283 2017-03-09 16:54:29.344825357 2.2.2.2 2.2.2.3  LDAP 232 extendedResp(1) (00000000: LdapErr: DSID-0C090FB4, comment: Error initializing SSL/TLS, data 0, v2580) LDAP_START_TLS_OID 

For SSL: 

14866 2017-03-09 16:58:03.877887450 *** IP address deleted** TCP 89 636→54389 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 
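
The two signatures above can be picked out of a text export of the trace automatically. The following is an added example, not part of the original article or of any Citrix tooling; it assumes the one-line-per-frame layout shown above, and the names classify and triage and the third sample frame are constructed for illustration.

```python
import re

# The two trace lines quoted in this article, plus one constructed line
# (frame 14870) that matches neither symptom.
SAMPLE_TRACE = """\
22283 2017-03-09 16:54:29.344825357 2.2.2.2 2.2.2.3  LDAP 232 extendedResp(1) (00000000: LdapErr: DSID-0C090FB4, comment: Error initializing SSL/TLS, data 0, v2580) LDAP_START_TLS_OID
14866 2017-03-09 16:58:03.877887450 *** IP address deleted** TCP 89 636→54389 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
14870 2017-03-09 16:58:04.000000000 2.2.2.2 2.2.2.3 TCP 66 54390→636 [ACK] Seq=1 Ack=1 Win=29312 Len=0
"""

# Directory-service error string carried in the LDAP extended response.
LDAP_ERR = re.compile(r"LdapErr: (DSID-[0-9A-Fa-f]+), comment: ([^,]+), data (\w+)")
# "srcport→dstport [FLAGS]" as printed for TCP frames (ASCII "->" also accepted).
TCP_FLAGS = re.compile(r"\b(\d+)\s*(?:→|->)\s*(\d+)\s+\[([^\]]+)\]")


def classify(line):
    """Return (frame_number, finding) if the line shows either symptom, else None."""
    fields = line.split(None, 1)
    if not fields:
        return None
    frame = fields[0]
    err = LDAP_ERR.search(line)
    # TLS case: the server answers the StartTLS request with an SSL/TLS init error.
    if err and "extendedResp" in line and "SSL/TLS" in err.group(2):
        return frame, f"StartTLS rejected by LDAP server: {err.group(1)} ({err.group(2).strip()})"
    tcp = TCP_FLAGS.search(line)
    # SSL case: a reset sent *from* port 636, i.e. by the LDAP server side.
    if tcp and tcp.group(1) == "636" and "RST" in tcp.group(3):
        return frame, f"LDAPS port 636 reset the connection to client port {tcp.group(2)}"
    return None


def triage(trace_text):
    """Classify every line of an exported trace and keep only the symptom frames."""
    return [hit for hit in map(classify, trace_text.splitlines()) if hit]


if __name__ == "__main__":
    for frame, finding in triage(SAMPLE_TRACE):
        print(f"frame {frame}: {finding}")
```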

Resolution

Root cause:

Per the error code below:

"LdapErr: DSID-0C090FB4, comment: Error initializing SSL/TLS, data 0, v2580"

A CA-issued certificate needs to be implemented.

Solution:

Please configure the LDAP certificate before using LDAPS on NetScaler:

https://support.microsoft.com/en-us/help/321051/how-to-enable-ldap-over-ssl-with-a-third-party-certification-authority 


Problem Cause

LDAP server certificate configuration is necessary.