LDAPs sync issue

We are getting a bind error while synchronizing LDAP users and groups when configuring Ambari authentication using AD.

We have followed the steps below:

1. ambari-server setup-ldap

Using python  /usr/bin/python

Setting up LDAP properties...

Primary URL* {host:port} (

Secondary URL {host:port} :

Use SSL* [true/false] (true):

User object class* (user):

User name attribute* (sAMAccountName):

Group object class* (group):

Group name attribute* (cn):

Group member attribute* (member):

Distinguished name attribute* (dn):

Base DN* (dc=xxx,dc=com):

Referral method [follow/ignore] (follow):

Bind anonymously* [true/false] (false):

Manager DN* (cn=svc_ranger,ou=ranger,ou=yyy,dc=xxx,dc=com):

Enter Manager Password* :

Re-enter password:

Do you want to provide custom TrustStore for Ambari [y/n] (n)?y

TrustStore type [jks/jceks/pkcs12] (jks):jks

Path to TrustStore file :/etc/ambari-server/keys/xxx.jks

Password for TrustStore:

Re-enter password:

authentication.ldap.managerDn: cn=svc_ranger,ou=ranger,ou=yyy,dc=xxx,dc=com

authentication.ldap.managerPassword: *****

ssl.trustStore.type: jks

ssl.trustStore.path: /etc/ambari-server/keys/xxx.jks

ssl.trustStore.password: *****

Save settings [y/n] (y)? y

Saving...done Ambari Server 'setup-ldap' completed successfully.

2. ambari-server sync-ldap --all

Using python  /usr/bin/python

Syncing with LDAP...

Enter Ambari Admin login: admin

Enter Ambari Admin password:

Syncing all.......................................ERROR: Exiting with exit code 1. REASON: Caught exception running LDAP sync. simple bind failed:; nested exception is javax.naming.CommunicationException: simple bind failed: [Root exception is Connection reset] ]


Re: LDAPs sync issue

@Yashu Sharma, make sure that the host and port for the LDAP server (or rather Active Directory) are correct and that the SSL certificate being used by the Active Directory is valid and imported into the configured trust store. Also ensure that the manager credentials are correct.

Could there be a firewall or proxy between the Active Directory and Ambari?

Was Ambari restarted after setting the LDAP sync properties?
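
The checks suggested in the reply above can be run in order from the Ambari host, as an added example that is not part of the thread and is not Ambari code: it reports whether an LDAPS connection fails at TCP reachability, at the TLS handshake, or at certificate trust. The names `check_ldaps` and `closing_listener` are invented here, the CA certificate is assumed to have been exported from the trust store to a PEM file, and the manager credentials are not tested.

```python
import socket
import ssl
import threading


def check_ldaps(host, port, cafile=None, timeout=5.0):
    """Report the first stage at which an LDAPS connection fails.

    cafile: PEM file holding the CA that issued the AD certificate
    (assumption: exported from the Ambari trust store); None uses the
    system CA bundle.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Wrong host or port, or a firewall rejecting the connection.
        return "tcp", str(exc)
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            not_after = tls.getpeercert().get("notAfter")
            return "ok", f"{tls.version()}, certificate valid until {not_after}"
    except ssl.SSLCertVerificationError as exc:
        # Certificate expired, name mismatch, or issuing CA not in cafile.
        return "trust", exc.verify_message
    except (ssl.SSLError, OSError) as exc:
        # Peer reset or closed the socket during the handshake: the port may
        # not speak TLS, or a proxy or firewall is cutting the session.
        return "handshake", str(exc) or type(exc).__name__
    finally:
        sock.close()


def closing_listener():
    """Constructed test peer: accepts one connection and drops it at once."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    # Replace with the Primary URL host and port given to setup-ldap.
    print(check_ldaps("127.0.0.1", closing_listener()))
```

A "handshake" or "trust" result means the connection never reached the bind step, so the manager DN and password have not been tested at that point.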