Folks:
I have spent far too much banging my head against my desk on this topic,
and thought I would ask you all.
I've got TSM 7.1.1 running on RHEL 6.5. Our Microsoft AD servers are
WIndows 2008 R2 but running in 2003 mode.
I wish to configure TSM to allow ADMIN accounts to be authenticated against
Active Directory.
I am *trying* to follow the directions here:
http://www-01.ibm.com/support/knowledgecenter/SSGSG7_7.1.1/com.ibm.itsm.srv.doc/c_mgclinod_managepwlogin.html?lang=en
...but after updating my dsmserv.opt with the following line... and
verifying that a "cert.kdb" file is created... and setting the LDAPUser...
LDAPURL ldap://ADSERVER.unit.company.com:636/OU=Domain
Controllers,DC=unit,DC=company,DC=com
Set LDAPUser
"CN=accountID,OU=Users,OU=AdminUnits,DC=unit,DC=company,DC=com"
The active directory serve "ADSERVER" r is in OU "Domain Controllers"
directory under forest unit.company.com.
The binding account "accountID" is in OU=Users, under OU=AdminUnits, under
forest unit.company.com.
I am unable to set the LDAP password, and get this error. I have followed
all the troubleshooting instructions... is there perhaps a cookbook or some
magic that I am missing?
ANR2017I Administrator SERVER_CONSOLE issued command: SET LDAPPASSWORD
?***?
ANR3114E LDAP error 81 (Can't contact LDAP server) occurred during
ldap_start_tls_s_np.
ANR3103E Failure occurred while initializing LDAP directory services.
ANR2732E Unable to communicate with the external LDAP directory server.
HELP!
Best regards,
Mike Ryder, x7942
RMD IT Client Services
|