000017475 - When configuring LDAP or LDAPS in RSA Authentication Manager with a global catalog the connection fails

Document created by RSA Customer Support Employee on Jun 14, 2016. Last modified by RSA Customer Support Employee on Apr 22, 2017.
Version 3

Article Content

Article Number: 000017475
Applies To: RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x, 7.1, 3.0
Issue: When configuring LDAP or LDAPS with a global catalog, the connection fails with the following error:
 
There was a problem processing your request.
Test connection failed. One or more directory connections is incorrect.
Cause: An invalid or incorrect certificate is configured or the wrong port numbers are defined.
Resolution: Please see the article on how to obtain and install the Windows rootCA certificate from a domain controller to use for LDAPS and secure identity source over port 636.

LDAP


Use port 389 for a domain controller (e.g., ldap://<fqdn> or ldap://<fqdn>:389) or port 3268 for a global catalog (e.g., ldap://<fqdn>:3268).

LDAPS


Use port 636 for a domain controller (e.g., ldaps://<fqdn> or ldaps://<fqdn>:636) or port 3269 for a global catalog (e.g., ldaps://<fqdn>:3269).
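Both causes named above can be checked before the URL is entered in the identity source settings. The following Python is an added example, not RSA code or tooling: the function names, the host dc01.example.test and the CA file path are hypothetical, and the port table is the one given in this article.

```python
import socket
import ssl
from urllib.parse import urlsplit

# Port roles as listed in this article.
PORTS = {
    "ldap": {389: "domain controller", 3268: "global catalog"},
    "ldaps": {636: "domain controller", 3269: "global catalog"},
}
DEFAULT_PORT = {"ldap": 389, "ldaps": 636}


def check_directory_url(url):
    """Return (host, port, role, problems) for a directory URL."""
    parts = urlsplit(url)
    scheme = (parts.scheme or "").lower()
    if scheme not in PORTS:
        return None, None, None, [f"unsupported scheme {scheme!r}"]
    host = parts.hostname
    problems = [] if host else ["missing host name"]
    try:
        port = parts.port or DEFAULT_PORT[scheme]  # no port given: scheme default
    except ValueError:
        return host, None, None, ["port is not a number in 0-65535"]
    role = PORTS[scheme].get(port)
    if role is None:
        other = "ldaps" if scheme == "ldap" else "ldap"
        if port in PORTS[other]:
            problems.append(f"port {port} belongs to {other}://, not {scheme}://")
        else:
            problems.append(f"port {port} is not a standard {scheme} port")
    return host, port, role, problems


def verify_ldaps_certificate(host, port, ca_file, timeout=5.0):
    """TLS handshake trusting only ca_file (the exported root CA, PEM format).

    Returns None when the chain and host name verify, else the error text.
    """
    try:
        # Passing cafile means the system trust store is not loaded.
        context = ssl.create_default_context(cafile=ca_file)
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with context.wrap_socket(raw, server_hostname=host):
                return None
    except (ssl.SSLError, OSError) as exc:
        return str(exc)
```

Run `check_directory_url` on the URL first, then pass the returned host and port to `verify_ldaps_certificate` together with the root CA file exported from the domain controller.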
Legacy Article ID: a66199
