Environment
iPrint Appliance 1.1 patch 1,2,3 and 4
DSFW LDAP source server
DSFW LDAP source server
Situation
With DSFW as the LDAP source server, the following error is returned on the LDAP import page:
LDAP error -13: "Confidentiality required"
LDAP error -13: "Confidentiality required"
Resolution
This error occurs when SSL (LDAPS) is not being used, and the LDAP group and server objects are not configured to use Clear Text Passwords. This can be resolved by either enabling SSL or by editing the LDAP objects on the source LDAP server to not force a secure LDAP connection.
To change source LDAP server to not restrict connections to only secure, modify the LDAP group and server objects using iManager:
Step 1. Click on the LDAP role on the right side | LDAP Options | LDAP Group <ServerName> | un-check "Require TLS for Simple Binds with Password" | click apply
Step 2. Click on the LDAP role on the right side | LDAP Options | LDAP Server <ServerName> | Connections sub tab under the General tab | un-check "Require TLS for all operations" | click apply | click refresh
To change source LDAP server to not restrict connections to only secure, modify the LDAP group and server objects using iManager:
Step 1. Click on the LDAP role on the right side | LDAP Options | LDAP Group <ServerName> | un-check "Require TLS for Simple Binds with Password" | click apply
Step 2. Click on the LDAP role on the right side | LDAP Options | LDAP Server <ServerName> | Connections sub tab under the General tab | un-check "Require TLS for all operations" | click apply | click refresh
Cause
In one problem scenario, the source LDAP server was updated DSFW. After that change, the LDAP import page changed to use port 1389, the DSFW LDAP port. As part of the DSFW update, the LDAP objects on the DSFW server were recreated and, by default, plain LDAP was disallowed, resulting in the error.