Support Center > Search Results > SecureKnowledge Details
Identities are not saved on PDP because the LDAP SSL fingerprint is not matched
Symptoms
  • The user configured LDAP account unit servers to work with SSL.
  • Although the SSL fingerprint was changed on the server, it was not updated in SmartConsole.
  • The following error appears in the PDP debug:
    @ . . . [Date & Time] ldap_ctx_fingerprint_check: ldap_async: SSL finger print does not match
Cause

AD Query sometimes requires a specific server to resolve LDAP group membership. If the SSL fingerprint verification fails, a fail back to another server will not occur. 


Solution
Note: To view this solution you need to Sign In .