Issue using LDAP_LINK_DRYRUN_CONNECT and LDAP_LINK_DRYRUN_SEARCH

  • KM03712504
  • 25-Sep-2020
  • 25-Sep-2020

This document is under revision.

Summary

The error is: "LDAP parameters (for server "ldaps://iscorpdcvip.private.massmutual.com") is malformed - cannot use both: "ldaps" and "StartTLS"". Check the 'starttls' value in your LDAP Authentication parameters and set the "StartTLS" parameter in the function call to 0 instead of 1. For reference, please use this article: https://www.vertica.com/docs/9.3.x/HTML/Content/Authoring/Security/ClientAuth/UsingLDAPOverSSLAndTLS.htm

Question

We are attempting to use the LDAP_LINK_DRYRUN_CONNECT function to test LDAP connectivity to a second LDAP server that is going to be temporarily required. We are first testing usability of the function using known working parameters from our existing LDAP connection, and the function fails with error:
SQL Error [9345] [0A000]: [Vertica][VJDBC](9345) ERROR: Dry Run Connect Failed!
No other reasons given. We are using the following function call. Server and password are masked, otherwise all is accurate. Again, these parameters are exactly what is specified for our LDAP Authentication setup which works without issue. Can you let us know if we are using the function correctly? Putting urgency as high for now as this is needed for a critical project due next week. Thank you.


SELECT LDAP_LINK_DRYRUN_CONNECT('ldaps://server.company.com','CN=svc3usigusername,OU=3 Batch Service Accounts,OU=Batch Service Accounts,OU=MFG_Applications,DC=na,DC=mmfg,DC=net','xxxxxxxx',1,'allow','/etc/pki/tls/certs/ca-bundle.crt');

SQL Error [9345] [0A000]: [Vertica][VJDBC](9345) ERROR: Dry Run Connect Failed!

Answer

Error:

SQL Error [9345] [0A000]: [Vertica][VJDBC](9345) ERROR: Dry Run Connect Failed!

This error usually occurs if the URL is incorrect or there is an SSL issue. The vertica.log clearly shows the issue in this case.

 2020-09-15 13:55:41.944 Init Session:0x7fe9ef7f0700 [Session] <INFO> [PQuery] TX:0(v_advana_node0002-74052:0xad8e94) SELECT LDAP_LINK_DRYRUN_CONNECT('ldaps://iscorpdcvip.private.xxx.com','CN=svc3usigvertica,OU=3 Batch Service Accounts,OU=Batch Service Accounts,OU=MFG_Applications,DC=na,DC=mmfg,DC=net','********',1,'allow','/etc/pki/tls/certs/ca-bundle.crt')
2020-09-15 13:55:41.988 Init Session:0x7fe9ef7f0700 [Session] <INFO> [Query] TX:0(v_advana_node0002-74052:0xad8e94) SELECT LDAP_LINK_DRYRUN_CONNECT('ldaps://iscorpdcvip.private.xxx.com','CN=svc3usigvertica,OU=3 Batch Service Accounts,OU=Batch Service Accounts,OU=MFG_Applications,DC=na,DC=mmfg,DC=net','********',1,'allow','/etc/pki/tls/certs/ca-bundle.crt')
 
2020-09-15 13:55:41.989 Init Session:0x7fe9ef7f0700 <LOG> @v_advana_node0002: 00000/6308: LDAP parameters (for server "ldaps://iscorpdcvip.private.xxx.com") is malformed - cannot use both: "ldaps" and "StartTLS"
 
2020-09-15 13:55:41.992 Init Session:0x7fe9ef7f0700 <ERROR> @v_advana_node0002: 0A000/9345: Dry Run Connect Failed!
 
 
 
Solution:
----------------
As the log shows, the error is: "LDAP parameters (for server "ldaps://iscorpdcvip.private.massmutual.com") is malformed - cannot use both: "ldaps" and "StartTLS"". An ldaps:// URL already negotiates TLS when the connection is opened, while StartTLS upgrades a plain ldap:// connection, so the two cannot be combined.

Check the 'starttls' value in your LDAP Authentication parameters, and set the "StartTLS" parameter in the function call to 0 instead of 1.

For reference, please use this article: https://www.vertica.com/docs/9.3.x/HTML/Content/Authoring/Security/ClientAuth/UsingLDAPOverSSLAndTLS.htm
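
Because the client only receives error 9345 and the reason is written to vertica.log, the lookup described in the answer can be scripted. The following is an added example, not part of the original article or of Vertica: it pairs each 9345 error with the earlier messages from the same session and checks a URL/StartTLS pair for the conflict before the call is made. The function names, host, node and session ids are hypothetical, and the log lines are constructed in the layout of the excerpt above.

```python
import re

# Message lines in vertica.log, in the layout of the excerpt above:
# <date> <time> <thread>:<session id> <LEVEL> @<node>: <sqlstate>/<code>: <text>
LINE = re.compile(r"^\s*(\S+ \S+) .*?:(0x[0-9a-f]+) <(\w+)> @(\S+): (\w{5})/(\d+): (.*)$")

# Constructed sample (placeholder host, node and session ids), not a real log.
SAMPLE_LOG = """\
2020-09-15 13:55:41.988 Init Session:0x7f0000000100 [Session] <INFO> [Query] TX:0(v_db_node0001-100:0xa1) SELECT LDAP_LINK_DRYRUN_CONNECT('ldaps://ldap.example.com','CN=svc,DC=example,DC=com','********',1,'allow','/etc/pki/tls/certs/ca-bundle.crt')
2020-09-15 13:55:41.989 Init Session:0x7f0000000100 <LOG> @v_db_node0001: 00000/6308: LDAP parameters (for server "ldaps://ldap.example.com") is malformed - cannot use both: "ldaps" and "StartTLS"
2020-09-15 13:55:41.990 Init Session:0x7f0000000200 <LOG> @v_db_node0001: 00000/0000: unrelated message from another session
2020-09-15 13:55:41.992 Init Session:0x7f0000000100 <ERROR> @v_db_node0001: 0A000/9345: Dry Run Connect Failed!
""".splitlines()

def explain_dryrun_failures(lines, code="9345"):
    """For each ERROR carrying `code`, return the earlier messages of the same session."""
    history = {}   # session id -> [(message code, text), ...] seen so far
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # query echo lines and anything in another layout
        ts, session, level, node, _state, msg_code, text = m.groups()
        if level == "ERROR" and msg_code == code:
            findings.append({"time": ts, "node": node, "session": session,
                             "reasons": history.pop(session, [])})
        else:
            history.setdefault(session, []).append((msg_code, text))
    return findings

def starttls_conflict(url, starttls):
    """True when the URL is ldaps:// and StartTLS is also requested (message 6308)."""
    return url.lower().startswith("ldaps://") and bool(starttls)

if __name__ == "__main__":
    for f in explain_dryrun_failures(SAMPLE_LOG):
        print(f["time"], f["node"], "Dry Run Connect Failed; earlier messages in this session:")
        for msg_code, text in f["reasons"]:
            print(f"  [{msg_code}] {text}")
```
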