When I try to "Add Provider" when creating a login domain I'm getting the error "Unable to validate provider. Please check you configuration." , now where am I suppose to look ? 

When the initial setup of the NXD I added Two NTP providers and Two DNS providers but for some reason it wasn't able to validate them.

It looks like it doesn't want to validate it, now when reading https://www.cisco.com/c/en/us/td/docs/dcn/nd/2x/user-guide/cisco-nexus-dashboard-user-guide-211.pdf , there was a part about custom attribute-value (AV) pair, and I'm not so sure about it.
I'm trying to validate using a user let's say named "networkie" , does it matter? does it really have to be "admin"? 

 setting it up in the APIC worked but the Nexus Dashboard doesn't allow it for some reason.

The acs ping works fine. Im using IDM for the ldap.
You are correct , both the DNS and the LDAP configuration prompt validation failed. and for both is the same server.

I also would like to add that the APIC has the same LDAP and it works just fine.

Referring to Redhat IDM?  APIC & ND use similar authentication processes, so not sure why one would work, and the other would not.  Might want to grab a sniffer capture on the validation attempt by ND, and see what it is/is-not returning to ND. 

For APIC authenticaiton are you using AV Pair or Group maps?

Robert

I do refer to Redhat IDM. 

I will try to sniff but on what side ? Should I sniffer on the IDM or rather the CLI of the Nexus Dashboard?

Also , Maybe one of the logs inside /logs/* might help? But I'm not sure where to look. 

If only I'd know what causes the error. It just says check your configuration, what where to check 🥲

For the APIC I use Group Maps. but the problem is also with the DNS provider in the NXD, which doesn't require LDAP but still prompt that he can't validate it. 

It seems like the query works from the LDAP side, I'm lost,

My only guess might be is that the query doesn't go back from the leaf switch into the NXD

That's what a packet capture would determine, the full transaction between ND & IDM.  Capture both directions, if you see the query hit the LDAP server, but doesn't return anything - its something on the IDM side.  You'd need someone more versed with IDM to assist if that's the case.  

Robert

BTW - which LDAP port are you using?  389 or 636?

Robert

Im using port 389 which prompts an almost immediate error and when I try 636 it does seem to load a bit I figure trying to search the Certificate and then fails all the same.

I didn't quite understand which Certificate I should use .

Well I found the problem.
When setting up the DNS , it by default send a "svc.intersight.com." and "fake.server.fail.junk.local." 
Now why is that and how can I modify that. I solved it by adding it to the IDM but it is not a good solution.

I imagine it's attempting to test resolve intersight's DNS resource.  As for the other DN, I'd have to dig further.  Glad it's working.  I imagine once it validates you could probably delete those CNAMEs/Aliases from IDM.

Robert