KB-3796: Unexpected LDAP Error Connect Error

Centrify DirectControl

12 April,16 at 11:44 AM

Applies to: Centrify DirectControl (All versions)

How do I troubleshoot the 'Unexpected LDAP Error Connect Error' error?

This is a common issue when the DNS server on the domain controller is not being used and a BIND DNS server on UNIX is used instead.

Here is a series of troubleshooting steps that can be followed to resolve the issue:

Step 1: Verify that the UNIX host computer can locate the domain controller and related services by running the ping command and verifying connectivity to the correct Active Directory domain controller.

Step 2: If the ping test from Step 1 fails, make sure there is an entry in the /etc/resolv.conf file pointing to a DNS server. If this DNS server is aware of the Active Directory domain you want to join, no further changes are needed.

Step 3: If the DNS server identified as a name server in the /etc/resolv.conf file is not aware of the domain you are trying to join (for example, because you are using a test domain or a separate evaluation environment), you need to either disable DHCP or manually set the location of the Active Directory domain controller in the Centrify DirectControl configuration file.

To manually specify a domain controller, add the following entry to the Centrify DirectControl configuration file, /etc/centrifydc/centrifydc.conf:

    dns.dc.domain_name: server_name [server_name ...]

For example, if Centrify DirectControl is being used in a domain called mylab.test and the domain controller for this domain is dc1.mylab.test, then add the following line to the /etc/centrifydc/centrifydc.conf file:

    dns.dc.mylab.test: dc1.mylab.test
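The three steps above can be walked with a small diagnostic script. This is an added example, not Centrify's own tooling: the function names, the PING_CMD variable, the exit codes and the sample addresses are assumptions of the sketch, and a failed ping is treated as a name-resolution failure.

```shell
#!/bin/sh
# Step 2: print every name server listed in a resolv.conf-style file.
list_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "${1:-/etc/resolv.conf}"
}

# Step 3: print the domain controllers pinned with dns.dc.<domain>.
# Comment lines are skipped; no output means no override is configured.
pinned_dcs() {
    awk -v key="dns.dc.$1" '
        /^[ \t]*#/ { next }
        { c = index($0, ":"); if (!c) next
          k = substr($0, 1, c - 1); gsub(/[ \t]/, "", k)
          if (k != key) next
          n = split(substr($0, c + 1), v, /[ \t]+/)
          for (i = 1; i <= n; i++) if (v[i] != "") print v[i] }
    ' "${2:-/etc/centrifydc/centrifydc.conf}"
}

# Report which step needs attention. PING_CMD is an assumption of this sketch
# (default "ping -c 1"; change it where ping takes different options).
diagnose() {
    domain=$1 dc=$2 resolv=${3:-/etc/resolv.conf}
    conf=${4:-/etc/centrifydc/centrifydc.conf}
    if ${PING_CMD:-ping -c 1} "$dc" >/dev/null 2>&1; then
        echo "step1: $dc reachable"; return 0
    fi
    if [ -z "$(list_nameservers "$resolv")" ]; then
        echo "step2: no nameserver entry in $resolv"; return 2
    fi
    if pinned_dcs "$domain" "$conf" | grep -qixF "$dc"; then
        echo "step3: $dc already pinned for $domain but unreachable"; return 1
    fi
    echo "step3: add 'dns.dc.$domain: $dc' to $conf"; return 3
}

# Constructed sample files (not from a real host) so the sketch runs offline.
demo() {
    d=$(mktemp -d) || return 1
    printf 'nameserver 192.0.2.53\n' > "$d/resolv.conf"
    printf '# dns.dc.mylab.test: old.mylab.test\n' > "$d/centrifydc.conf"
    rc=0
    PING_CMD=false diagnose mylab.test dc1.mylab.test \
        "$d/resolv.conf" "$d/centrifydc.conf" || rc=$?
    rm -rf "$d"; return "$rc"
}

case "${1:-}" in --demo) demo ;; ?*) diagnose "$@" ;; esac
```

Run it with `--demo` to see the Step 3 recommendation on the constructed files, or with a domain and domain controller name to check the live /etc/resolv.conf and /etc/centrifydc/centrifydc.conf.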


