We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Save and Test connecting Failing for AD - New implementation

LokeshSoundar
New Contributor
New Contributor
Hello Team , 
 
We are onboarding Active Directory domain using AD connector with connection parameter format is as below:
 
URL : ldap://ipaddress>:389
User: CN=XX,OU=XX & XX,DC=XX,DC=XX
and password.
 
We just want to test the connection, so provided only the mandatory fields like URL, username and password. Save and test connecting is failing and we are not able to see anything in logs as well.
 
This a new implementation in Dev environment. 
 
7 REPLIES 7

pmahalle
All-Star
All-Star

Hi @LokeshSoundar ,

What is the error showing on UI when connection failed, provide screenshot of it.


Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

dgandhi
All-Star
All-Star

is the connectivity established between your Saviynt instance and AD? Is AD URL reachable from Saviynt? Is the port open?

Can you check all these points?

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

LokeshSoundar
New Contributor
New Contributor

Hi Pandharinath,

Attached the screenshot.

Screenshot 2023-08-03 195814.jpg

Thanks,

Lokesh

[This post has been edited by a Moderator to remove sensitive information.]

Share logs from Audit Logs and configurations from connection


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

The problem is once that is failing , in Saviynt logs we are not able to see any error desc recorded for this failure. 

Connection Details in format as below :

URL: ldap://XX.XXX.XX.XX:389

USER: CN=XX_XXXX,OU=XX-XX XX XX,DC=XX-XX,DC=XX,DC=XX

and password.

Hi @Diptansu1 ,

Did you setup SC2.0 client from where AD is accessible? You can check it by ping or telnet command.

Also SC2.0 is reachable from Saviynt? Raise FD ticket and check with Saviynt team.


Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

Hi Rushikesh,

We are getting below error.

23-08-15T16:06:01.805858369Z stdout F javax.naming.CommunicationException: x.x.x.x:389 [Root exception is java.net.SocketTimeoutException: connect timed out]"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805862469Z stdout F at com.sun.jndi.ldap.Connection.<init>(Connection.java:233)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805864969Z stdout F at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805867569Z stdout F at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805869769Z stdout F at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2849)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805871969Z stdout F at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:347)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805876769Z stdout F at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:229)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805878969Z stdout F at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805881269Z stdout F at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:247)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805883369Z stdout F at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805885869Z stdout F at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805888069Z stdout F at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:695)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.805890169Z stdout F at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80592187Z stdout F at javax.naming.InitialContext.init(InitialContext.java:244)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80592487Z stdout F at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80592687Z stdout F at com.saviynt.ldap.SaviyntGroovyLdapService.getConnection(SaviyntGroovyLdapService.groovy:3809)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80592897Z stdout F at com.saviynt.ldap.SaviyntGroovyLdapService.testADConnection(SaviyntGroovyLdapService.groovy:5082)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80593097Z stdout F at com.saviynt.ecm.integration.ExternalConnectionCallService.testExternalConnection(ExternalConnectionCallService.groovy:584)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80593397Z stdout F at com.saviynt.ecm.utility.domain.EcmConfigController$_closure21.doCall(EcmConfigController.groovy:766)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80593637Z stdout F at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80593837Z stdout F at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:155)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80594037Z stdout F at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80594227Z stdout F at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80594597Z stdout F at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80594787Z stdout F at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80595017Z stdout F at java.lang.Thread.run(Thread.java:750)"
"2023-08-15T16:06:01.996+00:00","ecm","","","","2023-08-15T16:06:01.80595207Z stdout F Caused by: java.net.SocketTimeoutException: connect timed out"

I have tested using the both LDAP and LDAPS port. PFB the details,

URL: LDAP://xx.xxx.xx.x:389

UserName: CN=xxxx_xxxxxxx,OU=xxx-xxxx xxxx & xxxx,DC=xxxxx-xxxx,DC=xx,DC=xx

Password: Password

LDAP or AD: AD

ConfigJSON: {
"connectionTimeoutConfig": {
"connectionTimeout": 120,
"readTimeout": 50,
"retryWait": 20,
"retryCount": 3
}
}

From the Linux Server where the Saviynt connect 2.0 client is installed, I ran below commands and connection is established successfully

nc -zv <SaviyntServerPublicIP> 443

nc -zv <ADDCIP> 389

nc -zv <ADDCIP> 636

I have attached screenshots for reference. Kindly help to resolve this.

Thanks,

Lokesh