Error Message LDAP_SERVER_DOWN
The error code LDAP_SERVER_DOWN usually means that the driver can't open the LDAP port on the Active Directory domain controller configured for synchronization. This can happen for several reasons.
- The server named in the driver authentication context is incorrect. The authentication context should hold the DNS name or the IP address of the domain controller you use for synchronization. If you leave the parameter empty, the driver attempts to connect to the machine that is running the driver shim (either the same server that is running IDM, or the server hosting the Remote Loader).
- You are using an IP address for authentication context, and you have disabled non-Kerberos authentication to Active Directory. Kerberos requires a DNS name for authentication context.
  The driver shim can authenticate only using the pre-Windows 2000 Logon method or simple bind. If you have disabled NTLM, NTLM2, and simple bind on your network, you might receive the LDAP_SERVER_DOWN message.
- You have configured the driver to use an SSL connection to Active Directory. This message means that something is wrong with the certificate that you imported to the driver shim server (or no certificate was imported at all).
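As an added diagnostic that is not part of the original documentation or of the driver itself, the Python script below walks the causes listed above from the driver shim host: it flags an empty or IP-address authentication context, resolves the name, opens port 389 (or 636 for SSL) and, for SSL, completes a TLS handshake. It validates the certificate against the Python host's own trust store rather than the certificate imported into the driver shim, so a certificate finding here is indicative only.

```python
import ipaddress
import socket
import ssl


def ldap_port(use_ssl):
    """Port the driver would open: 636 for an SSL (LDAPS) connection, else 389."""
    return 636 if use_ssl else 389


def check_auth_context(auth_context):
    """Static checks on the authentication context; returns a list of findings."""
    findings = []
    if not auth_context:
        # Empty value: the driver targets the host running the driver shim,
        # which is normally not a domain controller.
        findings.append("empty: driver will connect to the driver shim host, not a DC")
        return findings
    try:
        ipaddress.ip_address(auth_context)
        findings.append("ip-address: Kerberos needs a DNS name; "
                        "only NTLM/simple bind can succeed against an IP")
    except ValueError:
        pass  # a DNS name, usable for Kerberos
    return findings


def probe_dc(auth_context, use_ssl=False, timeout=5.0):
    """Resolve the name, open the LDAP port and (for SSL) complete a handshake."""
    port = ldap_port(use_ssl)
    try:
        addr = socket.gethostbyname(auth_context)
    except socket.gaierror as exc:
        return f"dns-failure: {auth_context} does not resolve ({exc})"
    try:
        with socket.create_connection((addr, port), timeout=timeout) as sock:
            if not use_ssl:
                return f"ok: TCP {addr}:{port} reachable"
            ctx = ssl.create_default_context()  # this host's trust store, not the shim's
            with ctx.wrap_socket(sock, server_hostname=auth_context) as tls:
                return f"ok: TLS handshake, peer subject {tls.getpeercert()['subject']}"
    except ssl.SSLCertVerificationError as exc:
        return f"certificate-problem: {exc.verify_message}"
    except ssl.SSLError as exc:
        return f"tls-failure: {exc}"
    except OSError as exc:  # refused, timed out, unreachable
        return f"port-closed: {addr}:{port} ({exc})"


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else ""  # the authentication context value
    for finding in check_auth_context(target):
        print(finding)
    if target:
        print(probe_dc(target, use_ssl="--ssl" in sys.argv))
```

Run it as `python probe.py dc01.example.com --ssl` (hypothetical host name) on the server that hosts the driver shim or Remote Loader, since that is the machine whose path to the domain controller matters.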