Description

The alert is triggered when our internal monitoring has detected that your instance may be experiencing LDAP connectivity issues.

If you are performing your own internal maintenance or you have an expected LDAP outage, do not close the case; leaving it open prevents new alerts from triggering for the same issue.

If the monitoring system detects successful login attempts through LDAP into the instance, it will resolve the alert.

Cause

An LDAP server connection test failed from your instance, with more than 10 user login failures detected in the past 15 minutes. 

This could indicate one of the following:

1. A VPN connection used between the instance and the LDAP servers could be down.

2. The LDAP servers are failing with a specific error (and possibly an ErrorCode).

3. The LDAPS (secure LDAP) certificate has been changed but it has not been refreshed on the instance.

4. The LDAP server record username/password may be incorrect (the account could have been locked or expired).

5. Your instance has moved from one data center to another.
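
The trigger and resolve conditions described above can be reproduced in your own monitoring. The following is an added example, not ServiceNow's monitoring code: the event names, the log line format and the choice to clear the failure window on a successful login are assumptions made for illustration.

```python
from collections import deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # "past 15 minutes" from the Cause section
THRESHOLD = 10                  # the alert needs MORE than 10 login failures

class LdapAlertMonitor:
    """Tracks LDAP events and reports whether the alert is open."""

    def __init__(self):
        self.failures = deque()        # timestamps of recent login failures
        self.conn_test_failed = False  # result of the last connection test
        self.alert_open = False

    def observe(self, ts, kind):
        """Feed one event and return the alert state after it."""
        if kind == "conn_test_fail":
            self.conn_test_failed = True
        elif kind == "conn_test_ok":
            self.conn_test_failed = False
        elif kind == "login_fail":
            self.failures.append(ts)
        elif kind == "login_ok":
            # A successful LDAP login resolves the alert (assumption: it also
            # clears the failure window so the alert does not reopen at once).
            self.failures.clear()
            self.alert_open = False
            return self.alert_open
        else:
            raise ValueError(f"unknown event kind: {kind}")
        # Drop failures that have aged out of the 15-minute window.
        while self.failures and ts - self.failures[0] > WINDOW:
            self.failures.popleft()
        # Both conditions must hold: failed connection test AND > 10 failures.
        if self.conn_test_failed and len(self.failures) > THRESHOLD:
            self.alert_open = True
        return self.alert_open

def replay(lines):
    """Replay 'ISO-timestamp kind' lines; return the alert state per line."""
    monitor = LdapAlertMonitor()
    return [monitor.observe(datetime.fromisoformat(stamp), kind)
            for stamp, kind in (line.split() for line in lines)]

# Constructed sample: failed test, 11 login failures, then one success.
SAMPLE = (["2020-10-06T01:00:00 conn_test_fail"]
          + [f"2020-10-06T01:{m:02d}:00 login_fail" for m in range(1, 12)]
          + ["2020-10-06T01:12:00 login_ok"])

if __name__ == "__main__":
    print(replay(SAMPLE))
```
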

Resolution

1. Please ensure any VPNs used by your instances are up and running. 

You can check with the following link: https://hi.service-now.com/sn_customerservice_case_list.do?sysparm_query=sys_created_onONLast%207%20days@javascript:gs.beginningOfLast7Days()@javascript:gs.endOfLast7Days()%5Eu_alert_type%3DCustomer%20VPN%20Status&sysparm_first_row=1&sysparm_view=case&sysparm_filter_only=true
(you need to log in to our support site, Hi)

2. Contact the LDAP server administrators to validate any problems affecting connectivity. If you have a specific error message, please let them know.

  • You can also check the LDAP logs under the same System LDAP tab to look for further possible causes, such as failed authentication when a user tries to log in.

    You can check with the following link:
    <instance>/syslog_list.do?sysparm_userpref_module=e974e9450a0a0b2600566537af98e87a&sysparm_query=sys_created_onONToday%40javascript%3Ags.daysAgoStart%280%29%40javascript%3Ags.daysAgoEnd%280%29%5Esource%3DLDAP%5EEQ&sysparm_clear_stack=true&sysparm_filter_only=true

    (you need to be a system administrator on the instance)

3. If using LDAPS (secure LDAP), check with your security team whether the LDAP certificates have been updated or not.

4. Check that the username and password set on the LDAP server records are correct and that the user is NOT locked or expired in the LDAP server.

5. If your instance has been moved to another data center (e.g. AHA transfer), please ensure that the IP ranges of your instances (primary and secondary) are whitelisted. For more detail, see KB0538621 - Finding the IP information for your instance.

Article Information

Last Updated: 2020-10-06 01:33:33
Published: 2020-10-06