Avatar of iamuser

LDAP authentication failing from web page

On one of my web sites I set LDAP authentication via an LDAP query to my domain DC. If I go and log into the default main page, authentication seems to work fine. If I go into a sub page containing a .aspx file, authentication will fail.

I get this message:

Exception information:
    Exception type: System.DirectoryServices.AccountManagement.PrincipalServerDownException
    Exception message: The server could not be contacted.

Inner exception information (level 1):
    Exception type: System.DirectoryServices.Protocols.LdapException
    Exception message: The LDAP server is unavailable.

The only place where the LDAP string is declared is via the web.config file.
Avatar of btan

I presume port 445 is already open for LDAP; otherwise you see this exception. Also, use of the LDAPConnection class requires DNS to connect to LDAP. Likewise, if impersonation of a user identity is used in order to connect to LDAP, and this user is not available in the Active Directory of the domain hosting the server content, then an exception is thrown.

See (pertaining to DNS resolution) -
Users would randomly get this message when they Login, it was driving me crazy. I think I have fixed this problem by providing the full windows name and port instead of just using the AD server hostname.
<add key="LDAPPath" value="LDAP://,DC=ndl,DC=OURDOMAIN,DC=com"/>
See (pertaining to LDAP port) -
the error is fixed.
And yes, it was a firewall problem. Our infrastructure guys checked our firewall to our data centre and all ports needed were open. But ... there was another firewall. When we opened ldap-ssl and 445 the issue was solved.
Tip. I also added logging on the AD server. You can do this using the registry:
Avatar of iamuser


We never thought to look at DNS for the cause.
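
One way to check the two causes raised in this thread (DNS resolution and a firewall in front of the DC) from the web server itself. This is an added example, not code posted by anyone in the thread; the sample path, the host dc01.corp.example.com and the port list are assumptions to replace with the value from your own web.config.

```powershell
# Added example: DNS and TCP checks for the DC behind an LDAP path (run on the web server).
# The default path is a constructed sample; dc01.corp.example.com is a placeholder host.
param(
    [string]$LdapPath = 'LDAP://dc01.corp.example.com:636/DC=corp,DC=example,DC=com',
    [int[]]$Ports = @(389, 636, 445)   # assumed list: LDAP, LDAP over SSL, and 445 from the thread
)

function Split-LdapPath {
    param([string]$Path)
    if (-not ($Path -match '^LDAP://(?<rest>.*)$')) { throw "Not an LDAP path: $Path" }
    $server = $null
    $dn = $Matches['rest']
    # A server part exists only when the text before the first '/' contains no '=' or ','
    if ($dn -match '^(?<srv>[^/=,]+)/(?<dn>.*)$') { $server = $Matches['srv']; $dn = $Matches['dn'] }
    elseif ($dn -match '^[^/=,]+$') { $server = $dn; $dn = '' }
    $name, $port = "$server" -split ':', 2
    # Build the DNS domain name from the DC= components of the distinguished name
    $domain = ([regex]::Matches($dn, '(?i)DC=([^,]+)') | ForEach-Object { $_.Groups[1].Value }) -join '.'
    [pscustomobject]@{
        Server = if ($name) { $name } else { $null }
        Port   = if ($port) { [int]$port } else { $null }
        Domain = $domain
    }
}

$p = Split-LdapPath $LdapPath
if ($p.Server) { $targets = @($p.Server) }
else {
    # No server in the path: the client must locate a DC through DNS SRV records
    $srvName = "_ldap._tcp.dc._msdcs.$($p.Domain)"
    $targets = @(Resolve-DnsName -Name $srvName -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SRV' } | ForEach-Object { $_.NameTarget })
    if (-not $targets) { Write-Warning "No SRV records returned for ${srvName}" }
}
foreach ($t in $targets) {
    # Step 1: does the name resolve at all from this machine?
    $ips = @(Resolve-DnsName -Name $t -ErrorAction SilentlyContinue |
        Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
    if (-not $ips) { Write-Warning "DNS lookup failed for ${t}"; continue }
    # Step 2: is each port reachable, or is a firewall in the path dropping it?
    foreach ($port in (@($p.Port) + $Ports | Where-Object { $_ } | Select-Object -Unique)) {
        $r = Test-NetConnection -ComputerName $t -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{ Target = $t; Addresses = $ips -join ','; Port = $port; Open = $r.TcpTestSucceeded }
    }
}
```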