ScaleIO: Cannot log in using LDAPS authentication. Status: Could not connect to LDAP service. Please check username, password and LDAP service parameters.

           

Article Number: 500849    Article Version: 4    Article Type: Break Fix
   

 


Product:

ScaleIO

 

Issue:

Unable to log in via secure LDAP (LDAPS).

The user issued the command:

    scli --login --username <LDAP username> --password <LDAP user password> --ldap_authentication

The command returns the message "Status: Could not connect to LDAP service. Please check username, password and LDAP service parameters", despite the username and password being correct.
                                                           

 

 

Cause:

ScaleIO is not recognizing the certificate from the LDAP server.

 

 

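Resolution:

There are 2 possible solutions.

1.  Download the certificate from the LDAP server and place it on the MDM server. Add a line to /etc/openldap/ldap.conf pointing to the certificate:

        TLS_CACERT <certificate file including path>

2.  Instruct the LDAP client to accept certificates it cannot verify by adding the following line to /etc/openldap/ldap.conf:

        TLS_REQCERT     allow

    With this setting the session proceeds even if the LDAP server's certificate cannot be verified, so the server's identity is not checked. Option 1 keeps certificate verification in place.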
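To confirm which of the two settings is in effect, the following added example (not Dell EMC or ScaleIO code) reads an OpenLDAP client configuration file and reports whether the LDAP server's certificate is verified against a TLS_CACERT file or accepted without verification. The function names and the sample file paths are assumptions made for illustration; on an MDM server the file to check is /etc/openldap/ldap.conf.

```shell
#!/bin/sh
# Added example (not vendor code): classify an OpenLDAP client config by how it
# treats the LDAP server's certificate. Only TLS_CACERT and TLS_REQCERT are
# examined; TLS_CACERTDIR and per-user ldaprc files are out of scope.

# Print the value of the last uncommented occurrence of option $2 in file $1.
# Option names in ldap.conf are case-insensitive; later lines override earlier.
ldap_opt() {
    awk -v key="$2" 'toupper($1) == key { v = $2 } END { print v }' "$1"
}

# Print one of: verified | unverified | no-cacert
ldap_tls_posture() {
    reqcert=$(ldap_opt "$1" TLS_REQCERT | tr '[:upper:]' '[:lower:]')
    cacert=$(ldap_opt "$1" TLS_CACERT)
    case "${reqcert:-demand}" in        # OpenLDAP's default is "demand"
        never|allow) echo unverified; return 0 ;;   # a bad certificate is ignored
    esac
    if [ -n "$cacert" ] && [ -r "$cacert" ]; then
        echo verified                   # certificate must chain to this file
    else
        echo no-cacert                  # verification on, TLS_CACERT unset or unreadable
    fi
}

# Demo on constructed sample files (placeholder paths, not ScaleIO's own).
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/ldap-ca.pem"                # empty stand-in for the downloaded certificate
    printf 'TLS_CACERT %s\n' "$d/ldap-ca.pem" > "$d/option1.conf"
    printf 'TLS_REQCERT     allow\n'          > "$d/option2.conf"
    for f in option1 option2; do
        printf '%s: %s\n' "$f" "$(ldap_tls_posture "$d/$f.conf")"
    done
    rm -rf "$d"
}
demo
```

A result of no-cacert with verification still enabled corresponds to the state described under Cause, where the client has no certificate file to check the LDAP server against.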
   
   
     
                                                           

 

 

Notes: