IDPA ACM fails to update the LDAP password after it was changed in Active Directory with error "Failed to update AD password"
Summary: This KB Article helps resolving a problem where ACM cannot update the LDAP password in its configuration files after it was changed in the Active Directory
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
ACM is not able to sync the Active Directory LDAP password after it was changed.
ACM UI shows at all times the following message
ACM's log (/usr/local/dataprotection/var/configmgr/server_data/logs/server.log) shows the following error
ERROR [http-nio-8543-exec-3]-util.RestUtil: Rest execution failed due to authentication failed.
ERROR [http-nio-8543-exec-3]-dpcadapter.DPCUtil: checkDPCLDAPConnection --> Unable to execute request on DPC. Exception: com.emc.vcedpa.common.exception.ApplianceException: REST API execution failed. Authentication failed.
at com.emc.vcedpa.common.util.RestUtil.validateResponseStatus(RestUtil.java:184)
at com.emc.vcedpa.common.util.RestUtil.executeRequest(RestUtil.java:130)
at com.emc.vcedpa.common.util.RestUtil.executeRequest(RestUtil.java:88)
at com.emc.vcedpa.dpcadapter.DPCUtil.checkDpcLdapConnection(DPCUtil.java:199)
at com.emc.vcedpa.restadapter.LoginService.changePasswordLdapUser(LoginService.java:882
ERROR [http-nio-8543-exec-3]-dpcadapter.DPCUtil: checkDPCLDAPConnection --> Unable to execute request on DPC. Exception: com.emc.vcedpa.common.exception.ApplianceException: REST API execution failed. Authentication failed.
at com.emc.vcedpa.common.util.RestUtil.validateResponseStatus(RestUtil.java:184)
at com.emc.vcedpa.common.util.RestUtil.executeRequest(RestUtil.java:130)
at com.emc.vcedpa.common.util.RestUtil.executeRequest(RestUtil.java:88)
at com.emc.vcedpa.dpcadapter.DPCUtil.checkDpcLdapConnection(DPCUtil.java:199)
at com.emc.vcedpa.restadapter.LoginService.changePasswordLdapUser(LoginService.java:882
DPC's elg log (/var/log/dpc/elg/elg.log) shows
ERROR localhost-startStop-1 c.e.c.s.a.l.ADLdapAuthenticationProvider Ignoring AD authentication. Verification of ldap settings failed. Failed to connect to LDAP - <active_directory_shortname>:389; nested exception is javax.naming.CommunicationException: <active_directory_shortname>:389 [Root exception is java.net.UnknownHostException: <active_directory_shortname>]
WARN localhost-startStop-1 c.e.c.s.a.l.ADLdapAuthenticationProvider Ignoring AD authentication. Verification of ldap settings via test connection failed
WARN localhost-startStop-1 c.e.c.s.a.l.ADLdapAuthenticationProvider Ignoring AD authentication. Verification of ldap settings via test connection failed
Cause
DPC server is not able to resolve Active Directory short name via DNS and that is causing DPC to fail to connect to the Active Directory.
Resolution
1- Login to DPC as user admin
2- su -
3- cd /var/lib/dpc/elg
4- vi ldap.properties
Change the line:
5- Save the file
6- /usr/local/dpc/bin/dpc stop
7- /usr/local/dpc/bin/dpc start
Note: Make sure Active Directory Fully Qualified Domain Name can be resolved from DPC via DNS by using nslookup. If nslookup does not resolve the Fully Qualified DOmain Name then the DNS server needs to be fixed.
2- su -
3- cd /var/lib/dpc/elg
4- vi ldap.properties
Change the line:
elg.ldap.server.urls=ldap://<active_directory_shortname>:389
to
elg.ldap.server.urls=ldap://<active_directory_fully_qualified_domain_name>:389
to
elg.ldap.server.urls=ldap://<active_directory_fully_qualified_domain_name>:389
5- Save the file
6- /usr/local/dpc/bin/dpc stop
7- /usr/local/dpc/bin/dpc start
Note: Make sure Active Directory Fully Qualified Domain Name can be resolved from DPC via DNS by using nslookup. If nslookup does not resolve the Fully Qualified DOmain Name then the DNS server needs to be fixed.
Affected Products
Integrated Data Protection Appliance FamilyProducts
Data Protection Central, Integrated Data Protection Appliance FamilyArticle Properties
Article Number: 000056280
Article Type: Solution
Last Modified: 20 May 2025
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.