Warning
Potential for Data Loss: The steps detailed in the resolution of this article may result in a loss of critical data if not performed properly. Before beginning these steps, make sure all important data is backed up in the event of data loss. If you are unsure or unfamiliar with any complex steps detailed in this article, please contact Product Support for assistance.
Issue
Access Expert LDAP agent unable to connect to Instance
Product Line
EcoStruxure Access Expert
Environment
- Access Expert V3 Hosted
LDAP agent installed OnPrem on-site server (Not the appliance installed by Feenics)
Cause
LDAP agent cannot connect because the Username/PW may be stored in a registry that is no longer valid
Resolution
- Double-check the site setup documentation records that the Username/PW combination is correct
- Run the SEQ Log and see if there's an entry that indicates that the 'Ldap agent is not able to connect to the instance'
Note: In earlier versions of the LDAP on-site installer, it did not remove all registry entries including username/pw, so an older username/pw combination may be used instead of an updated combination.
If the username or password was changed at some point or if alternate combinations were used for troubleshooting then an incorrect combination could be used by the ldap agent to connect to the instance and it cannot. -
Check the login to Access Expert with one of the ldap username/password combinations and if there are 2 (Users) listed in Access Expert, delete the username/pw combination that does not work in Access Expert.
-
Regedit Backup and old Username/PW deletion
-
To obtain a registry backup just in case before deleting an entry:
-
It is suggested to back up the entire Feenics.Keep.ActiveDirectory.Service subkey
-
-
Open regedit and delete the imagepath subkey
-
Windows Start/Run> regedit
-
Locate the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Feenics.Keep.ActiveDirectory.Service
-
Right-click on the ImagePath subkey and select 'Delete'
-
Only delete this subkey, not the other
-
-
Reinstall the LDAP integration using the media received directly from Feenics or SE Product Support. i.e. Feenics.Keep.Installer.ActiveDirectory.msi
During the installation ensure the tested username/pw combination is used
-
Verify that the 'Feenics Keep Active Directory Service' starts successfully
-
Go to Start>Run>Services.msc and click Ok
-
Locate the 'Feenics Keep Active Directory Service'
-
Right-click and select Start
-
-
Open SEQ Log and verify that the Ldap agent is able to connect to the Instance.
The SEQ entry at the top of this article 'Ldap agent is not able to connect to the instance.' should no longer appear in the SEQ log. The following entry should be there instead.
-
Verify that the Access Expert Windows User(s) can now be used login to Access Expert
