8.6 Error Message LDAP_SERVER_DOWN
The error code LDAP_SERVER_DOWN usually
means that the driver can’t open the LDAP port on the Active
Directory domain controller configured for synchronization. This
can happen for several reasons.
- The server named in the driver authentication
context is incorrect. The authentication context should hold the
DNS name or the IP address of the domain controller you use for synchronization.
If you leave the parameter empty, the driver attempts to connect
to the machine that is running the driver shim (either the same
server that is running IDM, or the server hosting the Remote Loader).
- You are using an IP address for the authentication context,
and you have disabled non-Kerberos authentication to Active Directory.
Kerberos requires a DNS name for the authentication context.
The driver shim can authenticate only using the pre-Windows
2000 Logon method or simple bind. If you have disabled NTLM, NTLM2,
and simple bind on your network, you might receive the LDAP_SERVER_DOWN
message.
- You have configured the driver to use an SSL connection
to Active Directory. This message means that something is wrong
with the certificate that you imported to the driver shim server (or
no certificate was imported at all).
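
The causes listed above can be checked from the driver shim server before restarting the driver. The following Python sketch is an added example, not part of the product or its documentation: the function names and the host name `dc1.example.test` are constructed, ports 389 and 636 are the standard LDAP and LDAPS ports, and the TLS check assumes the local trust store of the machine it runs on stands in for the certificate imported on the driver shim server.

```python
import ipaddress
import socket
import ssl

def check_auth_context(ctx, non_kerberos_disabled=False):
    """Static checks on the authentication context value (no network I/O)."""
    ctx = (ctx or "").strip()
    if not ctx:
        return ["empty: the driver connects to the host running the driver shim"]
    findings = []
    try:
        ipaddress.ip_address(ctx)
        is_ip = True
    except ValueError:
        is_ip = False
    if non_kerberos_disabled:
        findings.append("shim supports only pre-Windows 2000 logon or simple bind")
        if is_ip:
            findings.append("IP address given: Kerberos requires a DNS name")
    return findings

def probe_ldap_port(host, use_ssl=False, timeout=5.0):
    """Try to open the LDAP port as a client would; return (ok, detail)."""
    port = 636 if use_ssl else 389  # standard LDAP / LDAPS ports
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            if not use_ssl:
                return True, f"TCP {port} open"
            # Assumption: this host's trust store stands in for the certificate
            # imported on the driver shim server. Chain and name are verified.
            tls_ctx = ssl.create_default_context()
            with tls_ctx.wrap_socket(sock, server_hostname=host) as tls:
                return True, f"TLS handshake OK ({tls.version()})"
    except ssl.SSLCertVerificationError as exc:
        return False, f"certificate rejected: {exc.verify_message}"
    except OSError as exc:  # refused, timed out, DNS failure, other TLS errors
        return False, f"cannot open port {port}: {exc}"

if __name__ == "__main__":
    dc = "dc1.example.test"  # constructed host name; replace with your DC
    for finding in check_auth_context(dc, non_kerberos_disabled=True):
        print("config:", finding)
    print(probe_ldap_port(dc, use_ssl=True))
```

A `certificate rejected` result separates the SSL cause from a plain connectivity failure, which the single LDAP_SERVER_DOWN code does not do.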