Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Failed to Connect to ldap:<server name>:389

Hello,

I wanted to know if anyone can help me resolve the issue I am having with connecting my Callmanager 7.1.5 with my AD LDAP.  No matter what I try, I get the meeage:

Failed to Connect to ldap:<server name>:389

I am able to ping the AD server from the callmanager and ping the callmanager IP from the AD server.

I have tried using SSL port : 636 as well.

Everyone's tags (2)
10 REPLIES
Cisco Employee

Failed to Connect to ldap:<server name>:389

The easist way to troubleshoot is to start a packet capture from the publisher and leave it running while you click save which initiates a connection to the LDAP server.  Once you see the error message on the screen you can stop the packet capture and take a look at it to see why it fails to connect.

Here's how to take a packet capture if you're not familiar with it:

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186a0080b36101.shtml

Failed to Connect to ldap:<server name>:389

389 and 636 are the well-known LDAP ports.  You might also try the Global Catalog ports of 3268 and 3269.  It would be worthwhile to find out of there is an ACL and/or firewall that might be restricting access as well.

Hailey

Please rate helpful posts!

Failed to Connect to ldap:<server name>:389

Joe, any information on why LDAP errors are not logged in the DirSync log files, even when set to debug?  I was recently troubleshooting an LDAP issue and had to resort to a packet capture myself.  Thanks.

FYI, if you do a packet capture on a non-SSL enabled AD integration, be prepared to see usernames and passwords, in clear text,  in the ldap.bindReuest messages.

Anthony Holloway

Please use the star ratings to help drive great content to the top of searches.
Cisco Employee

Failed to Connect to ldap:<server name>:389

Are you 100% sure your AD admin and OU settings are correct????

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
New Member

Failed to Connect to ldap:<server name>:389

I have tried port 3268 and 3269.  I ran a packet trace and I got an XML file back, how do I see what could be causing the issue.  The AD and OU settings are correct.

Re: Failed to Connect to ldap:<server name>:389

Is there a firewall and/or ACL in the path between CUCM and AD?

You could load an LDAP browser and attempt to bind using the same credentials from a machine in another subnet.

http://www.netcraftsmen.net/blogs/uc-toolkit-part-1-ldap-browsers.html

Hailey

Please rate helpful posts!

New Member

Failed to Connect to ldap:<server name>:389

There is no firewall or ACL between AD and CUCM.  I was able to bind  the ldap server using an ldap browser, but when I try to connect I am  still getting the same error on all ports.

Any other suggestions?

Thank you for the help.

Cisco Employee

Failed to Connect to ldap:<server name>:389

If you downloaed the packet capture using RTMT, you should see an XML file as well as a directory with the server name.  Inside the directory with the server name you should find a platform/cli/.cap file that we can look at.

Re: Failed to Connect to ldap:<server name>:389

Try entering the LDAP user account in the following format:

user@domain.com

Make sure that the user you are specifying (in your case, ccmadministrator) was created as an account in AD along with the password you are specifying as well.

See if that works for you.

New Member

Failed to Connect to ldap:<server name>:389

Joe:

I have a directory with the server name, but no .CAP file.  I even selected all services when I collected the files.

David,

The ccmadministrator account is created in AD and the password is correct, I have reset the password and tested again, with the same results.  I have also tried using the AD admin account to see if it connected, but I get the same error.

5565
Views
0
Helpful
10
Replies