Versions Compared

...

Note

Ensure that you enable the MS AD Sync service for the synchronization to work. For information, see Enabling and Disabling Services on Hosts.


Advisory

Error status "LDAP Result Code 52 Unavailable"

If you receive the message 'Error status "LDAP Result Code 52 Unavailable"', the login has failed because the user directory was unavailable to authenticate the user. Configuring LDAP over SSL (LDAPS) on the server usually resolves the issue. In MS AD, Active Directory Certificate Services (AD CS) must be installed so that a CA is available to issue the domain controller's certificate; without it, SSL-related errors may occur when you try to sync the groups.

Keep in mind that the connection between the AD server and BloxOne is encrypted with SSL/TLS, using the highest protocol version that both the server and the client support. The AD server must therefore have at least one TLS protocol enabled and a valid server certificate installed. A self-signed certificate works only if the LDAP client is configured to trust it; a certificate issued by AD CS avoids that extra step.

To remedy this issue, perform the following checks on the server:

  • Confirm that the AD server has a TLS protocol enabled and a valid server certificate installed: not expired, issued to the domain controller's FQDN, and carrying the Server Authentication key usage.
  • To verify which protocols SCHANNEL offers, check the values under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\<protocol>\Server, for example ...\TLS 1.2\Server. Enabled is 1 when the protocol is allowed and 0 when it is disabled; DisabledByDefault is 0 when the protocol is offered and 1 when it is disabled by default. If the keys are absent, the operating system defaults apply. SSL 2.0 and SSL 3.0 are obsolete and should stay disabled; check the TLS 1.2 key (and TLS 1.3 where the OS supports it) instead. The Server subkey governs what the domain controller accepts; the Client subkey affects only outbound connections from that host.
  • Note that SSL and TLS are only protocols: you still need a certificate that binds the server's identity to its public key.
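The following PowerShell script is an added example and is not part of the Infoblox documentation or product. It performs the two checks above from the domain controller's side: it reads the SCHANNEL protocol state from the local registry (with the correct sense of Enabled and DisabledByDefault), then opens a TLS session to the LDAPS port and reports what a strict client would have checked about the certificate. The DC name dc01.corp.example and the function names are assumptions; run the registry part elevated on the domain controller itself.

```powershell
# Added example, not Infoblox code: audit SCHANNEL protocol state on a domain
# controller and probe its LDAPS endpoint (TCP 636). The registry check is local;
# the LDAPS probe can run from any Windows host that can reach the DC.
param(
    [string]$Dc = 'dc01.corp.example'   # assumption: replace with the DC's FQDN
)

$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelState {
    # Effective server-side state of one protocol from the local registry.
    # A missing key or value means the OS default applies. Enabled=0 hard-disables
    # the protocol; DisabledByDefault=1 means it is not offered unless an
    # application asks for it explicitly (1 = disabled, not enabled).
    param([string]$Protocol, [string]$Role = 'Server')
    $key = Join-Path $schannel "$Protocol\$Role"
    if (-not (Test-Path $key)) { return 'OS default (no key)' }
    $p = Get-ItemProperty -Path $key
    if ($null -ne $p.Enabled -and $p.Enabled -eq 0)                     { return 'disabled (Enabled=0)' }
    if ($null -ne $p.DisabledByDefault -and $p.DisabledByDefault -eq 1) { return 'disabled by default' }
    return 'enabled'
}

function Test-LdapsEndpoint {
    # Completes a TLS handshake with $Server:$Port, accepting any certificate so
    # the handshake finishes, then reports the checks a strict client would make.
    param([string]$Server, [int]$Port = 636)
    $script:ldapsPolicyErrors = 'None'
    $callback = [System.Net.Security.RemoteCertificateValidationCallback]{
        param($sender, $cert, $chain, $errors)
        # e.g. RemoteCertificateNameMismatch, RemoteCertificateChainErrors
        $script:ldapsPolicyErrors = $errors
        return $true
    }
    $tcp = [System.Net.Sockets.TcpClient]::new($Server, $Port)
    $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $callback)
    try {
        $ssl.AuthenticateAsClient($Server)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        $eku  = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }   # Extended Key Usage
        $san  = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }   # Subject Alternative Name
        [pscustomobject]@{
            NegotiatedProtocol = $ssl.SslProtocol
            Subject            = $cert.Subject
            Issuer             = $cert.Issuer
            SelfSigned         = ($cert.Subject -eq $cert.Issuer)
            NotAfter           = $cert.NotAfter
            Expired            = ($cert.NotAfter -lt (Get-Date))
            ServerAuthEku      = [bool]($eku -and ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq '1.3.6.1.5.5.7.3.1' }))
            SubjectAltNames    = $(if ($san) { $san.Format($false) } else { '(none)' })
            ClientPolicyErrors = $script:ldapsPolicyErrors
        }
    }
    finally {
        $ssl.Dispose()
        $tcp.Dispose()
    }
}

'--- SCHANNEL server-side protocol state on this host ---'
foreach ($proto in 'SSL 2.0', 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
    '{0,-8} {1}' -f $proto, (Get-SchannelState -Protocol $proto)
}
# SSL 2.0 and SSL 3.0 should read disabled; TLS 1.2 should be enabled or OS default.

"--- LDAPS probe against $Dc ---"
Test-LdapsEndpoint -Server $Dc | Format-List
```

A healthy result shows NegotiatedProtocol Tls12 (or Tls13), ServerAuthEku True, Expired False, the DC's FQDN in SubjectAltNames, and ClientPolicyErrors None. SelfSigned True together with RemoteCertificateChainErrors means the LDAP client must be given the certificate (or its issuing CA) to trust before group sync will succeed; RemoteCertificateNameMismatch means the certificate was not issued for the name the client connects to. A connection refused on port 636 means the domain controller has no usable certificate at all, which is the usual cause of the "Result Code 52 Unavailable" error once LDAPS is required.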

...


For information on how to enable the Transport Layer Security (TLS) protocol, see Configuring DNS Forwarding Proxy.


For SAML profiles, complete the following:

...

The synchronized user groups are now available when you configure security policies. For information about security policies, see Configuring Security Policies.

The Synced User Groups panel displays the following information:

...