Environment
Novell Identity Manager 3.6.1
Situation
The Novell Identity Manager Active Directory Driver is set up to
connect to an instance of Active Directory. This works correctly
until the connection is secured by SSL. Then no users are created
or modified and the following error appears in a level 3
trace:
<status level="retry" type="driver-general">
  <message>unable to connect to Active Directory</message>
  <ldap-err ldap-rc="81" ldap-rc-name="LDAP_SERVER_DOWN">
    <client-err ldap-rc="81" ldap-rc-name="LDAP_SERVER_DOWN">Server Down</client-err>
  </ldap-err>
</status>
Resolution
In the iManager Active Directory driver configuration, under
authentication options, SSL was set to yes. It should be set
to no. This parameter controls SSL encryption between the Active
Directory driver shim and Active Directory, not between the Identity
Manager engine and the Remote Loader, and enabling it requires
further configuration steps.