In Managment Console for Unix (MCU) , failure to connect to AD and displayed error: Active Directory verification failed because Error performing LDAP operation.
Unable to configure AD.
With MCU debug set we see the following:
[LDAP:error code 34 - 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data
CAUSE1: network issue
CAUSE 2: There was two conflicting QAS Application Configuration containers in AD. MCU was query and finding the wrong QAC and getting hung up because the ldap query was using a dn with a : in it. MCU Product Defect 28652 has been entered to allow the character.
CAUSE 3: Product Defect caused by new Starling attribute setting in Control Center version 4.2.1
805680 - Starling attributes sometimes are mapped to an ldapDisplayName of 'null' when opening MCU.
RESOLUTION 1:
1 - Stop the MCU Service
2 - Edit the custom.cfg file and add the following:
-Dad.config.site=site>
Replacing the with information from your Active Directory and save the file
3. Restart the MCU services
RESOLUTION 2:
MCU contacts the the Quest Application Configuration (QAC). The QAC is an Active Directory object used to store QAS product information such as license and default settings for QAS 4.x components. It consists of multiple nested objects of the objectClass ‘Container’ inside a container with the name cn={786E0064-A470-46B9-83FB-C7539C9FA27C}.
There should only be one in an Active Directory Forest.
1 - Deleted one of the application containers.
WORKAROUND FOR DEFECT 805680 :
Refer to KB310612
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center