Resolution
fact
Domain Migration Administrator 7.x
symptom
The migration.log contains an error when trying to translate security for Exchange mailboxes.
symptom
Error: 'Failed to bind to Exchange server.'
symptom
Error: '[7502]E21665: Failed to bind to Exchange server SERVERNAME using credentials cn=userid,cn=domainname, rc=58. The specified server cannot perform the requested operation.'
cause
You must be able to bind to the LDAP directory for the reACLing process to complete. You may not be able to bind to the directory if the Exchange server already has a process bound to that port. Â
note
Domain Migration Administrator 7.x
symptom
The migration.log contains an error when trying to translate security for Exchange mailboxes.
symptom
Error: 'Failed to bind to Exchange server.'
symptom
Error: '[7502]E21665: Failed to bind to Exchange server SERVERNAME using credentials cn=userid,cn=domainname, rc=58. The specified server cannot perform the requested operation.'
cause
You must be able to bind to the LDAP directory for the reACLing process to complete. You may not be able to bind to the directory if the Exchange server already has a process bound to that port. Â
For example, Microsoft RDP (Remote Desktop Protocol) uses port 3389. This is the terminal services client, which is configured, by default, on a computer running Windows XP. If Domain Migration Administrator (DMA) is installed on a computer running Windows XP, this may be causing a conflict with DMA. Or, if Exchange 5.5 is installed on an Active Directory Domain Controller, then the port must be changed from Port 389, as Port 389 is reserved for Active Directory.
fix
Below are some typical resolutions to LDAP issues when binding to Exchange 5.5:
- Install Microsoft Exchange 5.5 Administrator on the Domain Migration Administrator (DMA) console.
- Install the same Exchange service pack as the Exchange server you are connecting to.
- Enable the LDAP protocol on the Exchange server.
- Verify that the port used by the LDAP protocol on the Exchange 5.5 server is unique to LDAP and is not being used by any other application.
- Change the LDAP port number on the Exchange server.
note
You can use the Active Directory Administration Tool (Ldp.exe) from the Windows Support Tools to test the port and protocol connection described above.
- Open the Active Directory Administration Tool (Ldp.exe).
- Select Connection.
- Select Connect.
- Enter the servername and LDAP port number of your Exchange server.
- Leave the Connectionless box clear.
- Click OK.
- Select Connection.
- Select Bind.
- Enter your administrative account credentials.
- These should be the same credentials you are logged in with when trying to run DMA.
- Click OK.
- This is where you may see an error on the right pane.
- Select View.
- Select Tree.
- Leave the BaseDN blank.
- Click OK.
- Browse to one of the objects you are trying to translate.
Additional Information
Formerly known as NETIQKB28723