10-29-2012 11:39 AM - edited 07-03-2021 10:56 PM
Hi, I am having problems getting my WLC to connect to my LDAP (Active Directory).
I have 3 interfaces in the controller:
- Management (vlan709): 10.41.200.253
- lan (vlan 1): 190.1.1.123
- guest (vlan 708): 10.41.222.253
My LDAP server is: 190.1.1.22
The controller can ping the LDAP server, and the LDAP server can ping the WLC too.
When the controller tries to connect to the LDAP server, it returns this in the debug output:
ldap_db.c:1038 Could not connect to LDAP server 1, reason: 1005 (LDAP bind failed).
*LDAP DB Task 1: Oct 29 15:11:16.924: %AAA-3-LDAP_CONNECT_SERVER_FAILED:
*LDAP DB Task 1: Oct 29 15:10:52.932: ldapInitAndBind [1] called lcapi_init (rc = 0 - Success)
*LDAP DB Task 1: Oct 29 15:10:54.932: ldapInitAndBind [1] configured Method Authenticated lcapi_bind (rc = 1005 - LDAP bind failed)
*LDAP DB Task 1: Oct 29 15:10:54.932: ldapClose [1] called lcapi_close (rc = 0 - Success)
*LDAP DB Task 1: Oct 29 15:10:54.933: LDAP server 1 changed state to IDLE
*LDAP DB Task 1: Oct 29 15:10:54.933: LDAP server 1 changed state to RETRY
*LDAP DB Task 1: Oct 29 15:10:54.933: LDAP_OPT_REFERRALS = -1
Could someone help me, please?
Thanks
10-29-2012 02:09 PM
Per best practice, keep the LDAP server on the management VLAN or on a VLAN that is not part of a dynamic VLAN interface of the WLC.
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a03e09.shtml
10-29-2012 02:33 PM
Hello Saravanan, thanks for your reply.
But because of our environment, I cannot put it in the management VLAN. I need it to be on a separate VLAN. Will it not work well?
10-29-2012 02:55 PM
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080810880.shtml
It is important to avoid configuring a dynamic interface in the same sub network as a server that has to be reachable by the controller CPU, for example a RADIUS server, as it might cause asymmetric routing issues.
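The subnet check that this advice implies, as an added example that is not part of the thread or of Cisco's documentation. It uses the interface and server addresses from the first post; the /24 prefix lengths and the marking of "lan" and "guest" as dynamic interfaces are assumptions, since the thread does not state them.

```python
import ipaddress

# Addresses are taken from the first post. The /24 prefix lengths and the
# "dynamic" flags are ASSUMED for illustration; the thread does not give them.
INTERFACES = [
    {"name": "management", "vlan": 709, "addr": "10.41.200.253/24", "dynamic": False},
    {"name": "lan", "vlan": 1, "addr": "190.1.1.123/24", "dynamic": True},
    {"name": "guest", "vlan": 708, "addr": "10.41.222.253/24", "dynamic": True},
]
AAA_SERVERS = {"ldap-1": "190.1.1.22"}  # label "ldap-1" is hypothetical


def find_overlaps(interfaces, servers):
    """List every AAA server whose address falls inside a dynamic interface subnet.

    Each finding is (server label, server IP, interface name, subnet). A finding
    means the controller CPU has a directly connected dynamic interface in the
    server's subnet, the layout the quoted note says to avoid.
    """
    findings = []
    for label, ip in sorted(servers.items()):
        server_ip = ipaddress.ip_address(ip)
        for iface in interfaces:
            network = ipaddress.ip_interface(iface["addr"]).network
            if iface["dynamic"] and server_ip in network:
                findings.append((label, ip, iface["name"], str(network)))
    return findings


def on_management_subnet(interfaces, ip):
    """True when the server sits in the subnet of a non-dynamic (management) interface."""
    server_ip = ipaddress.ip_address(ip)
    return any(
        not iface["dynamic"]
        and server_ip in ipaddress.ip_interface(iface["addr"]).network
        for iface in interfaces
    )


if __name__ == "__main__":
    for label, ip, name, net in find_overlaps(INTERFACES, AAA_SERVERS):
        print(f"{label} ({ip}) is inside dynamic interface '{name}' subnet {net}")
    for label, ip in AAA_SERVERS.items():
        print(f"{label} on management subnet: {on_management_subnet(INTERFACES, ip)}")
```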
10-30-2012 11:22 AM
Thanks for your reply.