Event ID: 12545 Could not connect to Active Directory/LDAP Server.

1. Failure to connect to an Active Directory/LDAP server
Phenomenon

The following event is output to Event Viewer.

Log Level: warn
Message:

[Overview]
Could not connect to Active Directory/LDAP Server.

[Detail]
(Log details)

Description

Failure to connect to an Active Directory/LDAP server.

Support

Check whether the following parameters in the configuration file are configured correctly.

  • ldap addresses, port, user, password, and base_dn

Check whether the Active Directory/LDAP servers are operating properly.
When an LDAPS connection is enabled, check whether LDAPS is correctly configured on Active Directory.

2. Failed to connect to all Active Directory/LDAP servers
Phenomenon

The following event is output to Event Viewer.

Log Level: error
Message:

[Overview]
Could not connect to Active Directory/LDAP Server.

[Detail]
Could not Connect to ALL Active Directory/LDAP Server : (IP address of the LDAP server)

Description

Failed to connect to all Active Directory/LDAP servers.

Support

Check whether the following parameters in the configuration file are configured correctly.

  • ldap addresses, port, user, password, and base_dn

Check whether the Active Directory/LDAP servers are operating properly.
When an LDAPS connection is enabled, check whether LDAPS is correctly configured on Active Directory.

3. Connection to Active Directory was attempted, but no response was received from Active Directory
Phenomenon

The following event is output to Event Viewer.

Log Level: warn
Message:

[Overview]
Could not connect to Active Directory/LDAP Server.

[Detail]
LDAP Result Code 200 "Network Error": dial tcp (IP address) : (Port number): connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (IP address)

Description

Connection to Active Directory was attempted, but no response was received from Active Directory.

Support

Check whether the following parameters in the configuration file are configured correctly.

  • ldap addresses, port, user, password, and base_dn

Check whether the Active Directory/LDAP servers are operating properly.

4. Connection to Active Directory was attempted via LDAP, but Active Directory does not allow communication other than LDAPS
Phenomenon

The following event is output to Event Viewer.

Log Level: error
Message:

[Overview]
Could not connect to Active Directory/LDAP Server.

[Detail]
LDAP Result Code 8 "Strong Auth Required": 00002028: LdapErr: DSID-0C09027F, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v3839 (IP address)

Description

Connection to Active Directory was attempted via LDAP, but Active Directory does not allow communication other than LDAPS.

Support

Take any of the following actions.

  • Allow LDAP communication on Active Directory
  • Enable STARTTLS on Directory Sync
    Specify start_tls for ad.ldap.server.encryption.

5. Connection was attempted to Active Directory’s port 636, but Active Directory denied the connection
Phenomenon

The following event is output to Event Viewer.

Log Level: warn
Message:

[Overview]
Could not connect to Active Directory/LDAP Server.

[Detail]
unable to read LDAP response packet: read tcp (IP address) : (Port number) -> (IP address) :636: wsarecv: An existing connection was forcibly closed by the remote host. (IP address)

Description

Connection was attempted to Active Directory’s port 636, but Active Directory denied the connection.

Support

Check the following.

  • Check whether Active Directory has settings that cause it to deny the connection
  • When STARTTLS is enabled on Directory Sync, check whether 389 is specified as the connection port
    Start STARTTLS communication with port 389, not with port 636.

6. Although a request was sent to Active Directory via LDAP, there are no viewing privileges
Phenomenon

The following event is output to Event Viewer.

Log Level: error
Message:

[Overview]
Could not connect to Active Directory/LDAP Server.

[Detail]
#<ActiveLdap::AuthenticationError: All authentication methods for ldap:// (IP address) (StartTLS) exhausted.> (IP address)

Description

Although a request was sent to Active Directory via LDAP, there are no viewing privileges.

Support

Check whether the user accounts used to connect to Active Directory have privileges to view all users and groups that will be synchronized over Active Directory.
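
The six cases above share one Event ID and one [Overview] line, so only the [Detail] text tells them apart. The following triage helper is an added example, not part of Directory Sync or the original page: it maps a [Detail] text to the case number and actions listed here. The function name, the sample details and the ordering of actions are assumptions of the example.

```python
import re

# Signatures copied from the [Detail] texts on this page; first match wins.
RULES = [
    (4, r'LDAP Result Code 8 "Strong Auth Required"'),
    (3, r'LDAP Result Code 200 "Network Error"'),
    (5, r"unable to read LDAP response packet: read tcp .*:636: "),
    (6, r"ActiveLdap::AuthenticationError"),
    (2, r"Could not Connect to ALL Active Directory/LDAP Server"),
]
CONFIG = "check ldap addresses, port, user, password, and base_dn"
SERVER = "check that the Active Directory/LDAP servers are operating properly"
LDAPS = "if LDAPS is enabled, check the LDAPS configuration on Active Directory"
ACTIONS = {
    1: [CONFIG, SERVER, LDAPS],
    2: [CONFIG, SERVER, LDAPS],
    3: [CONFIG, SERVER],
    # STARTTLS is listed first because it keeps the bind encrypted
    # (the ordering is this example's choice; the page lists both as options).
    4: ["set ad.ldap.server.encryption to start_tls",
        "allow LDAP communication on Active Directory"],
    5: ["check Active Directory for settings that deny the connection",
        "with STARTTLS enabled, connect to port 389, not 636"],
    6: ["check that the connecting user can view all users and groups to be synchronized"],
}

def triage(detail, encryption=None):
    """Map a [Detail] text to (case number, actions); encryption is the configured mode."""
    case = next((n for n, pat in RULES if re.search(pat, detail)), 1)
    actions = list(ACTIONS[case])
    if case == 5 and encryption == "start_tls":
        # STARTTLS upgrades a plain LDAP session; port 636 expects a TLS
        # handshake instead, so the port mismatch is the first thing to fix.
        actions.reverse()
    return case, actions

# Constructed sample details (192.0.2.0/24 is a documentation address range).
SAMPLES = [
    'LDAP Result Code 8 "Strong Auth Required": 00002028: LdapErr: DSID-0C09027F, '
    "comment: The server requires binds to turn on integrity checking (192.0.2.10)",
    "unable to read LDAP response packet: read tcp 192.0.2.50:51512 -> "
    "192.0.2.10:636: wsarecv: An existing connection was forcibly closed by the "
    "remote host. (192.0.2.10)",
    "#<ActiveLdap::AuthenticationError: All authentication methods for "
    "ldap://192.0.2.10 (StartTLS) exhausted.> (192.0.2.10)",
]

if __name__ == "__main__":
    print([triage(d, "start_tls") for d in SAMPLES])
```

Any detail text that matches none of the signatures falls back to case 1, which carries the generic checks.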