|Applies To||Windows 2003 Server SP1|
Red Hat Linux AS 3.0
Authentication Manager 7.0
|Issue||rsautil initialize-is --status to check connection to LDAP fails|
C:\Program Files\RSA Security\RSA Authentication Manager\utils>rsautil initialize-is --status --ldap-name vm235-4_AD
Enter master password: **********
Testing connection to the primary server... Failed
Testing connection to the secondary server... Not Found
C:\Program Files\RSA Security\RSA Authentication Manager\utils>
1. You have not restarted the Authentication Manager services after importing the certificate and running the deploy command.
2. The LDAP administrator specified during the deploy doesnt have proper permissions to access the LDAP.
3. The deploy command had errors. (wrong LDAP URL for instance)
4. If creating the connection over LDAPS the SSL certificate has not been installed properly.
5. You deployed the same connector more than once with the same name, now if you run rsautil initialize-is --list you see more than one matching connector.
1. If you make a mistake during the deploy, run an undeploy and start over again. (rsautil initialize-is --undeploy --ldap-name <name>)
2. If you are using LDAPS you need to import the SSL certificate. How to import the SSL certificate and deploy the LDAP resource adapter in Authentication Manager 7.0.
3. Use another ldap browser to verify you can connect using the LDAP user you specified in the deploy. If you can't connect then you will need to troubleshoot that before the deploy will work.
|Notes||The rsautil initialize-is --deploy command doesnt actually attempt to connect to the LDAP, it merely creats the connector in the Application server as defined by the command. Because of this it almost never fails... even if the LDAP information entered is invalid. Running rsautil initialize-is --status attempts to establish the connection. If this fails then you will not be able to create the identity source in the console.|
|Legacy Article ID||a34842|