What documentation is needed when debugging a LDAP Server problem, such as connection errors, Security attribute lookup errors or password synchronization errors?

Document ID : KB000019267
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

There is a standard list of documentation that is typically needed when debugging LDAP Server problems.

Solution:

CA LDAP Server Documentation for LDAP Problems/Issues

The following documentation and display output from Status command and ldaptest verification script will be helpful in debugging LDAP problems such as LDAP connection errors, ACF2 attribute lookup errors or password synchronization errors.

  • The display output from the CA LDAP status command, issued from the

console to show the current status of the LDAP server.

f ldapr15,status

* Note where 'ldapr15' is the LDAP Server started task name.

  • The CA LDAP Server joblog.
  • Verify the OMVS HOME directory for the LDAP started task is the same as the install directory by listing the OMVS Profile record for the id.
  • The display output from the ldaptest script to verify that the CA LDAP Server is working?
    This can be done from OMVS and switching to the CA LDAP Server installation directory as follows.

    From OMVS Change to the installation directory(for your site's install) by issuing the following command:

    cd /u/ldapr15/

    Issue ldap test command:

    syntax: ./ldaptest -u userid -w password -h host -p port
  • A copy of the slapd.conf and slapd.env file from the LDAP Server installation directory.
  • Recreate the LDAP error after turning on DEBUG and send in the stderr file. This can be done from the console as follows:

    f ldapr15,SET,DEBUG,ANY

    * Note where 'ldapr15' is the LDAP Server started task name.