Troubleshooting LDAP issues in ServiceNow


This article guides you through the process of troubleshooting Lightweight Directory Access Protocol (LDAP) issues in ServiceNow. It provides steps to help eliminate the common causes of your problems by verifying that the configuration of your networking is correct.
Symptoms may include:
  • Users are unable to log in to the system.
  • A single user is unable to log in to the system.
  • The log in screen shows an invalid user name or password.
  • Authentication is slow.
  • The user cannot connect to the LDAP server.


Determine whether any of the troubleshooting steps below are true for the environment. Each step provides a link to an article to help users eliminate possible causes and take corrective action as necessary:

  1. Determine if SAML or LDAP is being used in the instance. For more information, see KB0538787: Determining if SAML or LDAP is being used in the instance.
  2. Talk to the system administrator to determine if there was a change to the network, including VPN and firewalls.
  3. Verify whether the OU definition has changed. For more information, see KB0538642: Determining if the OU definition has changed
  4. Verify whether the certificate is expired on the instance. For more information, see KB0538674: Determining if the certificate is expired on the instance.
  5. Confirm that the LDAP server is running properly. For more information, see KB0538675: Determining if the LDAP server is down.
  6. Confirm that the LDAP main and failover servers are running. For more information, see KB0538724: Determining if the main and failover LDAP servers are running.
  7. Confirm that the LDAP source field is correctly populated. For more information, see KB0538740: Determining if the LDAP source is missing or misconfigured.
  8. Confirm that the correct LDAP server is configured. For more information, see KB0538726: Determining if the wrong LDAP server is configured.
  9. Verify if a user is marked inactive or locked. For more information, see KB0538725: Determining if a user is marked inactive or locked.

Note: If the problem still exists after trying the steps in this article, submit an incident to Customer Support and note this Knowledge Base article ID (KB0539111) in the problem description. For more information, see Submitting an Incident.


Article Information

Last Updated:2019-08-02 21:31:33