0

Error: unable to determine LDAP vendor

Applies to:

All versions of Director using LDAP Driver

Symptom:

Unable to determine LDAP vendor; no available map was found to match.

Screen_Shot_2014-04-23_at_2.24.47_PM.png

Cause:

Vendor mapping files need to be created.

Resolution:

Open LDAP Vendor Mapping

We prepared a couple of other Ldap Vendor mapping files for the wizard to use when attempting to identify the vendor specific information needed to configure the LDAP identity provider.  While these have had varying degrees of testing (from none for the IBM document) to extensive (OpenLDAP) to fully supported (Oracle). The XML mapping files are attached to this Article.

Place one of the attached mapping files in C:\Program Files\Venafi\Drivers\Identity\.

 

1. LdapVendor.Microsoft-ActiveDirectory

This document is used to allow the LDAP identity provider to be configured to work with Active Directory.

2. LdapVendor.Microsoft-ActiveDirectory-LightweightDirectoryServices

3. LdapVendor.Microsoft-ActiveDirectory-LightweightDirectoryServices-UserProxy

4. LdapVendor.Microsoft-ActiveDirectory-LightweightDirectoryServices-UserProxyFull

These are used for some of the more common configurations we found when setting up a provider to speak with Active Directory Lightweight Directory Services.

5. LdapVendor.OpenLDAP-2.4

6. LdapVendor.IBM-Tivoli

Here is the output of the configuration wizard:

 

Host connectivity check: started...

Host connectivity check: failed; CN=server1.traininglab.local

The revocation function was unable to check revocation for the certificate.

 

 

CN=server1.traininglab.local

The revocation function was unable to check revocation because the revocation server was offline.

 

 

Host connectivity check: started...

   LDAP RootDSE

      Version 2 Protocol Supported: True

      Version 3 Protocol Supported: True

      Supported Controls

         1.2.840.113556.1.4.1338

         1.2.840.113556.1.4.1339

         1.2.840.113556.1.4.1340

         1.2.840.113556.1.4.1341

         1.2.840.113556.1.4.1413

         1.2.840.113556.1.4.1504

         1.2.840.113556.1.4.1852

         1.2.840.113556.1.4.1907

         1.2.840.113556.1.4.1948

         1.2.840.113556.1.4.1974

         1.2.840.113556.1.4.2026

         1.2.840.113556.1.4.2064

         1.2.840.113556.1.4.2065

         1.2.840.113556.1.4.2066

         1.2.840.113556.1.4.319

         1.2.840.113556.1.4.417

         1.2.840.113556.1.4.473

         1.2.840.113556.1.4.474

         1.2.840.113556.1.4.521

         1.2.840.113556.1.4.528

         1.2.840.113556.1.4.529

         1.2.840.113556.1.4.619

         1.2.840.113556.1.4.801

         1.2.840.113556.1.4.802

         1.2.840.113556.1.4.805

         1.2.840.113556.1.4.841

         1.2.840.113556.1.4.970

         2.16.840.1.113730.3.4.10

         2.16.840.1.113730.3.4.9

      Supported Capabilities

         1.2.840.113556.1.4.1670

         1.2.840.113556.1.4.1791

         1.2.840.113556.1.4.1935

         1.2.840.113556.1.4.2080

         1.2.840.113556.1.4.800

Host connectivity check: succeeded

Credential check: started...

   Compare Vendor Map: Oracle Directory Services Enterprise Edition 11g

      Find Any Entry; DC=traininglab,DC=local: no entries in search result

         Filter: (objectClass=*)

         Attributes:

            { All User Attributes }

            nsUniqueId

            entryDN

Credential check: failed; unable to determine LDAP vendor

Credential check: started...

   Compare Vendor Map: Oracle Directory Services Enterprise Edition 11g

      Find Any Entry; DC=traininglab,DC=local: no entries in search result

         Filter: (objectClass=*)

         Attributes:

            { All User Attributes }

            nsUniqueId

            entryDN

Credential check: failed; unable to determine LDAP vendor

 




LdapVendor.IBM-Tivoli.xml
LdapVendor.Microsoft-ActiveDirectory.xml
LdapVendor.Microsoft-ActiveDirectory-LightweightDirectoryServices.xml
LdapVendor.Microsoft-ActiveDirectory-LightweightDirectoryServices-UserProxy.xml
LdapVendor.Microsoft-ActiveDirectory-LightweightDirectoryServices-UserProxyFull.xml
LdapVendor.OpenLDAP-2.4.xml

0 comments

Post is closed for comments.