SSPR is giving an occassional error of "directory is unavailable"
immediately following a password change.

Looking at the logs, it reports "...successfully changed password..."
then "...5017 ERROR_DIRECTORY_UNAVAILABLE...". Any ideas of what is
happening immediately after a successful password change that would
cause this issue?


2015-06-25T15:58:17Z, INFO , operations.PasswordUtility, {8k,test} user 'UserIdentity: {"userDN":"cn=test,o=PEOPLE","ldapProfile":"defaul t"}' successfully changed password [xx.xx.x.xxx]
2015-06-25T15:58:20Z, FATAL, servlet.TopServlet, {8k,test} 5017 ERROR_DIRECTORY_UNAVAILABLE (unable to contact ldap directory: unable to create connection: unable to bind to ldaps://vault.kumc.edu:636 as cn=test,o=PEOPLE reason: [LDAP: error code 49 - NDS error: failed authentication (-669)]) [xx.xx.x.xxx]


Currently the configuration is:
vault.kumc.edu load balanced by F5.

We have been considering pointing at a single instance of the idvault.
Are there any issues load balancing the idvaults?

Frank Sorio

gfsorio's Profile: https://forums.netiq.com/member.php?userid=10004
View this thread: https://forums.netiq.com/showthread.php?t=53846