|Applies To||RSA Product Set: Archer|
RSA Version/Condition: 5.x
|Issue||The LDAP Synch sometimes fails when the Use Serverless Binding option is enabled in the LDAP Configuration.|
|Cause||One possible cause is that the LDAP Configuration has the Use Serverless Binding option enabled and the environment has multiple Active Directory Domain Controllers (ADDCs).|
Serverless binding does not dictate which ADDC is contacted first. If users and groups are not completely identical across all of your ADDCs, the LDAP Synch could connect to an ADDC that does not have the same user/group setup and hierarchy, and the LDAP Synch may fail. Running the LDAP Synch again may succeed, but that only means that it connected to a different ADDC that does match the user/group setup that it recognizes.
|Resolution||There are a few options:|
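To confirm the cause described above before changing the configuration, the following added example (not part of the original article, not RSA's code, and not one of its resolution options) compares the group view of each ADDC and reports which ones differ from the majority. The hostnames, group names and snapshot data are constructed; in practice each snapshot would be collected by binding to that ADDC by hostname rather than through serverless binding.

```python
import hashlib
from collections import Counter

# Constructed sample data (hostnames and group names are hypothetical):
# group DN -> member DNs, as read from each ADDC by binding to its hostname.
ADMINS = "CN=Archer-Admins,OU=Groups,DC=example,DC=test"
USERS = "CN=Archer-Users,OU=Groups,DC=example,DC=test"
SNAPSHOTS = {
    "dc01.example.test": {ADMINS: {"CN=alice"}, USERS: {"CN=alice", "CN=bob", "CN=carol"}},
    "dc02.example.test": {ADMINS: {"CN=alice"}, USERS: {"CN=alice", "CN=bob", "CN=carol"}},
    # Stale replica: one group and one member have not arrived yet.
    "dc03.example.test": {USERS: {"CN=alice", "CN=bob"}},
}

def fingerprint(groups):
    """Order-independent hash of one ADDC's group/membership view."""
    canon = "\n".join(
        f"{dn}|{','.join(sorted(members))}" for dn, members in sorted(groups.items())
    )
    return hashlib.sha256(canon.encode()).hexdigest()

def divergent_dcs(snapshots):
    """Return {dc: delta} for each ADDC whose view differs from the majority view.

    On a tie, the view of the first ADDC listed is used as the baseline.
    """
    prints = {dc: fingerprint(groups) for dc, groups in snapshots.items()}
    majority = Counter(prints.values()).most_common(1)[0][0]
    baseline = next(snapshots[dc] for dc, fp in prints.items() if fp == majority)
    report = {}
    for dc, groups in snapshots.items():
        if prints[dc] == majority:
            continue
        shared = groups.keys() & baseline.keys()
        report[dc] = {
            "missing_groups": sorted(baseline.keys() - groups.keys()),
            "extra_groups": sorted(groups.keys() - baseline.keys()),
            "member_diffs": {
                dn: {"missing": sorted(baseline[dn] - groups[dn]),
                     "extra": sorted(groups[dn] - baseline[dn])}
                for dn in sorted(shared) if groups[dn] != baseline[dn]
            },
        }
    return report

if __name__ == "__main__":
    for dc, delta in divergent_dcs(SNAPSHOTS).items():
        print(dc, delta)
```

An empty result means every ADDC returned the same view, so the intermittent failure has a different cause.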