Also check actual communication. ie traceroute / tracert and telnet ... May be a firewall issue. Cheers Ben
_____ From: Ben Chernys [mailto:[email protected]] Sent: May 25, 2010 2:33 PM To: '[email protected]' Subject: RE: BMC's Sample SSO White Paper/Code >From your own logs: <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */<ARSYS.AREA.LDAP> <SEVERE> Bind: Can't connect to the LDAP server (LDAPERR Code 91) from winldap.h LDAP_CONNECT_ERROR = 0x5b, (same error codes in UNIX) 0x5b == 91 in decimal. Suggest you check communication to LDAP and setting thereof: ports, servers etc. Cheers Ben Chernys Senior Software Architect Software Tool House Inc. Canada / Deutschland / Germany Mobile: +49 171 380 2329 GMT + 1 + [ DST ] Email: <mailto:[email protected]> Ben.Chernys _AT_ softwaretoolhouse.com Web: <http://www.softwaretoolhouse.com/> www.softwaretoolhouse.com Check out Software Tool House's free Diary Editor. Meta-Update, our premium ARS Data tool, lets you automate your imports, migrations, in no time at all, without programming, without staging forms, without merge workflow. <http://www.softwaretoolhouse.com/> <http://www.softwaretoolhouse.com/> http://www.softwaretoolhouse.com/ _____ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Rodriguez, Rafael J x23718 Sent: May 25, 2010 2:18 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Danny this is what I'm getting on the failed server: <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */+VL AREAVerifyLoginCallback -- user v096brtt <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINEST> AREAVerifyLoginCallback <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> ldap_init("jsqremedy2", 389) <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> connect timeout previously: -1 <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> connect timeout used: 35000 <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:30.6390 */<ARSYS.AREA.LDAP> <FINER> ldap_simple_bind("null", null) <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */<ARSYS.AREA.LDAP> <SEVERE> Bind: Can't connect to the LDAP server (LDAPERR Code 91) <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */<ARSYS.AREA.LDAP> <SEVERE> Bind: ldap_simple_bind failed [null] <PLGN> <TID: 005300> <RPC ID: 0000000285> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:04:31.5810 */-VL FAIL This is what I get on my qa server: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */+VL AREAVerifyLoginCallback -- user v096raro <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Username: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> v096raro <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Network Address: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> 149.83.18.20 <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Auth String: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Qk1DIFJlbWVkeSBBUlN5c3RlbQ== <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> Login request not coming from the BOXI-IP, checking MID-TIER-IP's... <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> User logging in from a matching Authentication String and Mid-Tier IP: <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> 149.83.18.20 <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */<AREA.SSO> <INFO> User passed AREA SSO authentication. Login Success <PLGN> <TID: 000776> <RPC ID: 0000000421> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7020 */-VL OK <PLGN> <TID: 000776> <RPC ID: 0000000422> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7180 */+NS AREANeedToSyncCallback <PLGN> <TID: 000776> <RPC ID: 0000000422> <Queue: AREA > <Client-RPC: 390695> /* Tue May 25 2010 08:11:35.7180 */-NS OK -- 0 <PLGN> <TID: 002876> <RPC ID: 0000000014> <Queue: Prv: 10005> <Client-RPC: 999999> /* Tue May 25 2010 08:12:04.0480 */Plug-In Trace Log -- OFF _____ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Danny Kellett Sent: Monday, May 24, 2010 3:07 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Sorry Rafael, I didn't see you replied. The log is not verbose enough. Make sure you have the plugin log level set to ALL From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Zaayer, Ben (Information Technology) Sent: 24 May 2010 19:46 To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Rafael, we are using the same plug-in provided by BMC's sample code and have a config file, areasso.cfg on the AR Server, that must contain all of the Mid Tier IP addresses, as well as any load-balanced virtual IPs or it will give that error message. Also, on the Mid Tier box make sure that your config.properties and sso.properties in the WEB-INF\classes directories are configured properly. Almost every time we have run into this error it was because one of the Mid Tier or load balanced IPs changed. Ben From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Rodriguez, Rafael J x23718 Sent: Saturday, May 22, 2010 3:48 PM To: [email protected] Subject: Re: BMC's Sample SSO White Paper/Code ** Hello Danny here is a sample of my arplugin log ..snip.. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
