Hello,
I’m trying to connect graylog to my Windows AD via LDAPS, but it is failing.
LDAP connection on port 389 is OK.
LDAPS connection on port 636 is OK after I install the graylog cert on my Windows AD in ‘personal certificates’.
My certificate is signed by my PKI.
However, when I click on ‘test connection’ a second time, it fails.
I get the error:
Couldn’t establish connection to …:636
An error occurred while attempting to connect to server …:636: IOException(LDAPException(resultCode=91 (connect error), errorMessage=‘An error occured while attempting to establish a connection to server …:636: SocketException(Connection reset),ldapSDKVersion=6.0.10, revision=…’))
Graylog-server is version 5.2.4.
I’ve tried to look at the Event Viewer on my AD, and I got an error: The directory service has disconnected the LDAP connection from the following network address due to a time-out. (event 1317).
nc -vz MY_DC.MY_AREA 636 → open
realm list → joined to my domain.
I’ve tried to disable nftables but it’s not useful.
I can’t see anything relevant in /var/log/graylog-server.
I’ve got 2 DCs. The same error happened on the second DC. After that, I deleted the certificate on the DC and reimported it, but it didn’t work anymore.
I tried that again a few hours later and LDAPS worked again, but only once.
Have you got any idea why it only works once?