Jump to content
Welcome to our new Citrix community!

LDAP Not Working


Recommended Posts

Can you formulate a bit more about "adding a certificate to LDAP fixed the issue"?
where did you add the certificate? On the Domain Controller? on the NetScaler?
I am still having the same problem, even enabling LDAPs and I had the proper DC certificate installed, as LDAPs binding is working fine from other machine.

It doesn't matter which upn I use for the user and what complexity of password. It still fails with "Error: Arguements failed input validation." error message.

Link to comment
Share on other sites

Same issue here with 13.0.79.64

 

logged a ticket with citrix and they said it's a cosmetic bug

 

However if you use ldap monitor that actually do authentication test, it will FAIL the monitor, and down your ldap server. So the work around is not to use ldap monitor, instead just use TCP 389/636 port checking.

 

They acknowledge this and making all sort of excuses for not aware of this (Wasted 2 weeks of my time), and I demand them to put that on release note, and ETA for fixing it.

  • Like 1
Link to comment
Share on other sites

Hello

 

I have the same error when I activated KEK key to improve security of password store on ns.conf.

It seem since 13.1 76.X KEK is automaticaly generated.

I don't find a way to disable KEK on last version.

I found how to remove the key but it's not a good idea, all ldap configuration as gone due the missing key and after to see the adc create new key...

We can find in the ns.conf the kek related configuration

 

example :

image.thumb.png.6bfac3eb91bcffe2a715914ee1c24ab3.png

Regards,

 

 

Mathieu

 

 

 

Link to comment
Share on other sites

I get the same issue on NS13.0 79.64.nc when attempting to connect to ldap.

 

When adding the bind account to an LDAP server, if an underscore is present in the username, I get "Error: Arguements failed input validation."

 

If using a different account name that gets around the validation issue, it still fails when testing network connectivity.

 

When using any account in a custom ldap monitor,  It locks the account out and fails.  This happens whether using LDAP 389 or LDAPS 636

Link to comment
Share on other sites

  • 2 weeks later...

We have the Same issue with the newly released 12.1 62.21  upgrade it displays "Error: Arguements failed input validation." when testing the LDAPS/LDAP rechability.  It also shows the Authentication Server as red and down though it is processing authentications fine.

 

Can you please let us know what is the permanent fix for this & in which version of NS upgrade  it is fixed? 

 

Should we roll back the upgrade or can we ignore the error. Kindly suggest

 

Link to comment
Share on other sites

LDAP will still work, you just can't do the verification tests.  What I do is set it up, then attempt to login.  If there are any failures you can use /tmp/aaad.debug to troubleshoot it.

 

And just to let everyone know, the new versions released today it is still broken.  But at least they call it out in the known issues.

Link to comment
Share on other sites

On 6/8/2021 at 5:59 PM, Jeff Riechers1709152667 said:

LDAP will still work, you just can't do the verification tests.  What I do is set it up, then attempt to login.  If there are any failures you can use /tmp/aaad.debug to troubleshoot it.

 

And just to let everyone know, the new versions released today it is still broken.  But at least they call it out in the known issues.

LDAP sever probe fails, so LDAP monitroes not working.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...