|Applies To||RSA Product Set: RSA Archer|
RSA Version/Condition: All
|Issue||The LDAP Sync sometimes fails when the Use Serverless Binding option is enabled in LDAP Configuration.|
|Cause||One possible cause is that the LDAP Configuration has the Use Serverless Binding option enabled and the environment has multiple Active Directory Domain Controllers (ADDC).|
With serverless binding, nothing dictates which Active Directory Domain Controller the connection will hit first. If users and groups aren't completely identical across all of your Active Directory Domain Controllers, the LDAP Sync could connect to an ADDC that doesn't have the same user/group setup and hierarchy, and the LDAP Sync may fail. Running the LDAP Sync again may succeed, but that only means that it hit a different ADDC, one whose user/group setup matches what it recognizes.
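
To confirm this cause, you can compare what each domain controller returns for the subtree the sync reads. The script below is an added example, not RSA or Archer code; it assumes the ActiveDirectory PowerShell module (RSAT) is installed, and the base DN shown is a placeholder to replace with the one from your LDAP Configuration.

```powershell
# Added example: compares the users, groups and group memberships that each
# domain controller returns for one subtree, using the first DC as baseline.
Import-Module ActiveDirectory

# Assumption: placeholder base DN; use the base DN from your LDAP Configuration.
$SearchBase = 'OU=ExampleUsers,DC=example,DC=com'

function Get-DirectorySnapshot {
    param([string]$Server, [string]$SearchBase)
    $ErrorActionPreference = 'Stop'   # an unreachable DC must raise, not return a partial set
    $set = New-Object 'System.Collections.Generic.HashSet[string]'
    Get-ADUser -Filter * -SearchBase $SearchBase -Server $Server |
        ForEach-Object { [void]$set.Add("user|$($_.DistinguishedName)") }
    Get-ADGroup -Filter * -SearchBase $SearchBase -Server $Server -Properties member |
        ForEach-Object {
            $group = $_.DistinguishedName
            [void]$set.Add("group|$group")
            foreach ($m in $_.member) { [void]$set.Add("member|$group|$m") }
        }
    return ,$set   # leading comma keeps the HashSet from being unrolled
}

# Query every DC directly, which removes the randomness of serverless binding.
$snapshots = @{}
foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        $snapshots[$dc.HostName] = Get-DirectorySnapshot -Server $dc.HostName -SearchBase $SearchBase
    } catch {
        Write-Warning "Could not query $($dc.HostName): $($_.Exception.Message)"
    }
}

$names = @($snapshots.Keys | Sort-Object)
if ($names.Count -lt 2) {
    Write-Warning 'Fewer than two domain controllers answered; nothing to compare.'
    return
}

$baseName = $names[0]
$base = $snapshots[$baseName]
foreach ($name in ($names | Select-Object -Skip 1)) {
    $other   = $snapshots[$name]
    $missing = @($base  | Where-Object { -not $other.Contains($_) })
    $extra   = @($other | Where-Object { -not $base.Contains($_) })
    [pscustomobject]@{
        DomainController = $name
        Baseline         = $baseName
        MissingEntries   = $missing.Count
        ExtraEntries     = $extra.Count
        Differences      = ($missing + $extra) -join '; '
    }
}
```

Objects changed very recently can differ briefly between domain controllers because of normal replication latency, so rerun the comparison before treating a difference as persistent.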
|Resolution||There are a few options:|