This is because the host doesn't seem to accept connections to the 636 port.
Try with Apache Directory Studio to connect with the same credentials to check from another tool.

Regards,

--
Sebastien BAHLOUL
IAM / Security specialist
Ldap Synchronization Connector : http://lsc-project.org
Blog : http://sbahloul.wordpress.com/

2011/11/2 Rohler, Brian L <[email protected]>

> ~/lsc-1.2.1# clear; bin/lsc -f etc -c all -s all
>
> Nov 02 09:10:40 - DEBUG - Reading configuration from /root/lsc-1.2.1/etc/
> Nov 02 09:10:40 - DEBUG - Loading configuration url: file:/root/lsc-1.2.1/etc/lsc.properties
> Nov 02 09:10:40 - INFO - Starting sync for user
> Nov 02 09:10:40 - INFO - Connecting to LDAP server ldap://localhost/DC=neeshub,DC=org as cn=search,dc=neeshub,dc=org
> Nov 02 09:10:40 - DEBUG - Using JNDI URL setting of "ldap://localhost:389/dc=neeshub,dc=org??base?(objectclass=*) "
> Nov 02 09:10:41 - DEBUG - Adding 'F' sync type for attribute name objectClass.
> Nov 02 09:10:41 - DEBUG - Adding 'F' sync type for attribute name default.
> Nov 02 09:10:41 - DEBUG - Synchronizing user for {gidnumber=3000, uid=gjie, uidnumber=2718}
> Nov 02 09:10:41 - INFO - Connecting to LDAP server ldaps://example.neeshub.org/DC=example,DC=local as CN=administrator,CN=Users,DC=example,DC=local
> Nov 02 09:10:41 - DEBUG - Using JNDI URL setting of "ldaps://example.neeshub.org:636/dc=example,dc=local??base?(objectclass=*) "
> Nov 02 09:10:41 - ERROR - Error opening the LDAP connection to the destination!
> Nov 02 09:10:41 - ERROR - Error while synchronizing ID {gidnumber=3000, uid=gjie, uidnumber=2718}: java.lang.RuntimeException: javax.naming.CommunicationException: simple bind failed: example.neeshub.org:636 [Root exception is java.net.SocketException: Connection reset]
> Nov 02 09:10:41 - DEBUG - java.lang.RuntimeException: javax.naming.CommunicationException: simple bind failed: example.neeshub.org:636 [Root exception is java.net.SocketException: Connection reset]
>
> I didn't paste any more since it failed the connection.
>
> From: Sébastien Bahloul [mailto:[email protected]]
> Sent: Wednesday, November 02, 2011 8:01 AM
> To: Rohler, Brian L
> Cc: [email protected]
> Subject: Re: [lsc-users] SSL over LDAP issue
>
> Hi Brian,
>
> Can you setup the DEBUG level and pastebin the exception ?
>
> Regards,
>
> --
> Sebastien BAHLOUL
> IAM / Security specialist
> Ldap Synchronization Connector : http://lsc-project.org
> Blog : http://sbahloul.wordpress.com/
>
> 2011/11/2 Rohler, Brian L <[email protected]>
>
> I have followed the instructions at http://lsc-project.org/wiki/documentation/1.2/howtos/ssltls but I still can't get a connection to AD.
>
> Nov 01 16:06:08 - INFO - Starting sync for user
> Nov 01 16:06:08 - INFO - Connecting to LDAP server ldap://localhost/DC=example,DC=org as cn=search,dc=example,dc=org
> Nov 01 16:06:09 - INFO - Connecting to LDAP server ldaps://server.example.org/DC=example,DC=local as CN=administrator,CN=Users,DC=example,DC=local
> Nov 01 16:06:09 - ERROR - Error opening the LDAP connection to the destination!
>
> What else am I doing wrong? Connection to port 389 works great. The firewall has port 389 and 636 open on inbound connections.
>
> #########################################################################################
> # Destination Server Configuration for Active Directory
> #########################################################################################
> # This section is mandatory since all synchronizations currently go to an LDAP directory.
> # Connection URL. This must include a valid LDAP context.
> dst.java.naming.provider.url = ldaps://server.example.org/DC=example,DC=local
> dst.java.naming.security.authentication = simple
> dst.java.naming.tls = true
> dst.java.naming.security.principal = CN=administrator,CN=Users,DC=example,DC=local
> dst.java.naming.security.credentials = secret
> dst.java.naming.referral = ignore
> dst.java.naming.ldap.derefAliases = never
> dst.java.naming.ldap.pageSize=1000
> dst.java.naming.ldap.sortedBy=sAMAccountName
> dst.java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory
> dst.java.naming.ldap.version = 3

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

