Forum Discussion
Kevin_Stewart
Employee
Jul 10, 2013The issue appears to be in the LDAP AAA configuration. Are you using a host name for the server, and if so is it resolvable? Can the BIG-IP reach the LDAP server via the required LDAP port (usually 389 or 636)?
You can test access to the LDAP server from the management shell with the ldapsearch command. Example:
ldapsearch -H ldap://10.70.0.1:389 -x -b cn=users,dc=mydomain,dc=com -D administrator@mydomain.com -w [password] [search criteria ex. cn=bob]
You need to be able to see LDAP traffic leave the BIG-IP for the LDAP server. I'd start with that before troubleshooting anything else.