LDAP authentication fails with the error 4003


Article ID: CTX226259


Description


/tmp/aaad.debug :

/usr/home/build/rs_105_63_3_RTM/usr.src/netscaler/aaad/ldap_common.c[187]: ns_ldap_timeout_handler ldap server time out, sending error 
Wed Jun 28 03:43:22 2017 
/usr/home/build/rs_105_63_3_RTM/usr.src/netscaler/aaad/naaad.c[2263]: send_reject_with_code Rejecting with error code 4003 

Resolution



Increase the LDAP server timeout value on NetScaler.

Go to Authentication > LDAP > Server and increase the timeout to a value higher than the one currently configured.

Problem Cause


By default, the LDAP timeout on NetScaler is 3 seconds. If the backend LDAP server does not respond with either a success or a failure result within 3 seconds, NetScaler times out and fails the authentication.

The timeout can be caused by network latency, or by the backend LDAP server taking longer than the configured timeout value to search for the user.

Issue/Introduction

When a user tries to authenticate against an LDAP server, the authentication fails and the aaad.debug log shows the error below:

/usr/home/build/rs_105_63_3_RTM/usr.src/netscaler/aaad/ldap_common.c[187]: ns_ldap_timeout_handler ldap server time out, sending error
Wed Jun 28 03:43:22 2017
/usr/home/build/rs_105_63_3_RTM/usr.src/netscaler/aaad/naaad.c[2263]: send_reject_with_code Rejecting with error code 4003
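To tell 4003 rejections caused by this LDAP timeout apart from other rejections in a saved copy of aaad.debug, the following added example (not Citrix code) pairs each `ns_ldap_timeout_handler` entry with the `send_reject_with_code` entry that follows it and counts the hits per hour. It assumes the layout quoted in this article, with a timestamp line above the entry it belongs to; the function names, the sample lines after the first three, and the 4001 code in the sample are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

ENTRY = re.compile(r"^\S+\.c\[\d+\]:\s+(?P<func>\w+)\s+(?P<msg>.*)$")
TS_FORMAT = "%a %b %d %H:%M:%S %Y"   # e.g. "Wed Jun 28 03:43:22 2017"

P = "/usr/home/build/rs_105_63_3_RTM/usr.src/netscaler/aaad/"
# Constructed sample: the first three lines are the ones quoted in the article.
SAMPLE = f"""\
{P}ldap_common.c[187]: ns_ldap_timeout_handler ldap server time out, sending error
Wed Jun 28 03:43:22 2017
{P}naaad.c[2263]: send_reject_with_code Rejecting with error code 4003
Wed Jun 28 03:44:10 2017
{P}naaad.c[2263]: send_reject_with_code Rejecting with error code 4001
Wed Jun 28 04:02:05 2017
{P}ldap_common.c[187]: ns_ldap_timeout_handler ldap server time out, sending error
Wed Jun 28 04:02:05 2017
{P}naaad.c[2263]: send_reject_with_code Rejecting with error code 4003
"""

def parse_entries(text):
    """Yield (timestamp, function, message); timestamp is the last one seen above."""
    ts = None
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            yield ts, m["func"], m["msg"]
            continue
        try:
            ts = datetime.strptime(line, TS_FORMAT)
        except ValueError:
            pass  # blank or unrelated line: keep the previous timestamp

def find_ldap_timeouts(text):
    """Timestamps of 4003 rejections directly preceded by an LDAP timeout entry."""
    hits, prev_func = [], None
    for ts, func, msg in parse_entries(text):
        if (func == "send_reject_with_code" and msg.endswith("error code 4003")
                and prev_func == "ns_ldap_timeout_handler"):
            hits.append(ts)
        prev_func = func
    return hits

def timeouts_per_hour(text):
    """Count timeout-driven rejections per hour to show when they cluster."""
    return Counter(t.strftime("%Y-%m-%d %H:00") for t in find_ldap_timeouts(text) if t)

if __name__ == "__main__":
    for hour, count in sorted(timeouts_per_hour(SAMPLE).items()):
        print(hour, count)
```

Timeouts concentrated in particular hours are worth comparing against load or latency on the path to the LDAP server before settling on a new timeout value.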