Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1896
Views
10
Helpful
3
Replies

Getting LDAP failed alert when LDAP is not configured on the ISE.

Go to solution
shubhampatki1994
Level 1
Level 1

‎11-01-2021 09:22 AM

Hello All,

 

Our monitoring team came upon some alerts with error severity from the ISE server that the "LDAP connect to domain controller failed"

The thing is we do not have LDAP configured on ISE.

 

I checked on ISE and found the alerts in Reporting with the log id as 1634977810.

Below are the details of the error:

 

Event :- LDAP connect to domain controller failed

Error Details:- The password is incorrect for the given account

Failure Reason:- LDAP connect to domain controller failed

Resolution:- Check corresponding domain controller are available and error conditions.

 

 

But the thing is we don't have LDAP configured in the first place.

 

So why is the ISE creating such kind of error logs.  

I don't believe there is anything to worry for.

 

Any information on this would be helpful.

 

 

TIA.

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to shubhampatki1994

‎11-02-2021 10:15 PM

Failure Reason:- LDAP connect to domain controller failed

Check the Active Directory join point(s).

View solution in original post

3 Replies 3

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎11-01-2021 07:36 PM

Hi,

Try to run a packet capture for sometime to the LDAP server reported by ISE
to confirm that it attempts connection. If it does, then LDAP is
definitely configured. Now try to view LDAP server using different browser
(I had issues where LDAP servers weren't showing with IE/Chrome but it
doesn't with firefox)

***** please remember to rate useful posts

Go to solution
shubhampatki1994
Level 1
Level 1
In response to Mohammed al Baqari

‎11-02-2021 02:56 AM

Hello Mohammed,

 

Thanks for the reply.

 

The LDAP was never configured on the ISE and we never intend to in the future.

If I navigate to Administration>External Identity Sources> LDAP, there is absolutely nothing. And that is the reason we are a bit amused as to why is ISE trying to authenticate to the LDAP server in the first place. Another thing is all the nodes are reporting this error in the cluster.

Any idea about this?? 

 

TIA

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to shubhampatki1994

‎11-02-2021 10:15 PM

Failure Reason:- LDAP connect to domain controller failed

Check the Active Directory join point(s).

Customers Also Viewed These Support Documents