IBM Support

TM1Server LDAP Connection Failing, LDAP ERROR: 0x51 - ldap_connect failed

Troubleshooting


Problem

Attempting to configure TM1 to use an LDAP as an anuthentication source, is returning the following error in the tm1server.log when users attempt to log in: ERROR 2016-01-26 12:39:48.900 TM1.LDAPAuth LDAP ERROR: 0x51 - ldap_connect failed.

Diagnosing The Problem

Recreate the error, and immediately check Windows Event Viewer's 'System' logs for any details. In this case, the following error had been thrown:

Event Type: Error


Event Source: Schannel
Event ID: 36884
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is server_name. The SSL connection request has failed. The attached data contains the server certificate.

The detail above leads us to Microsoft KB Article 2275950:https://support.microsoft.com/en-us/kb/2275950

Resolving The Problem

The detail in the error and Microsoft KB, indicate that there is an issue with using Microsoft APIs to verify the certificate (unless the MS HotFix is applied). In order to tell TM1 not to use the Microsoft API for SSL Cert Verification, we must set the following in the tm1s.cfg file (and restart TM1):

LDAPVerifyServerSSLCert=T
^This tells TM1 that it is now responsible for checking the certificate

You may also need to specify the expected servername using the LDAPVerifyCertServerName parameter, or you may skip the servername check altogether using LDAPSkipSSLCertVerification=T

The following documentation should be reviewed to determine what path better suits your environment: http://www-01.ibm.com/support/knowledgecenter/SS9RXT_10.2.2/com.ibm.swg.ba.cognos.tm1_inst.10.2.2.3.doc/c_ldapverifyserversslcert.html

[{"Product":{"code":"SS9RXT","label":"Cognos TM1"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"TM1 Server","Platform":[{"code":"PF033","label":"Windows"}],"Version":"10.1.0;10.1.1;10.2;10.2.2","Edition":"All Editions","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
15 June 2018

UID

swg21975807