FIX: Error message when IAG checks the password expiration and you use the Active Directory repository on LDAPS: "Server Not Operational"

This article has been archived. It is offered "as is" and will no longer be updated.
SYMPTOMS
In Microsoft Intelligent Application Gateway (IAG) 2007, you use the Active Directory repository on Lightweight Directory Access Protocol Secure Sockets Layer (LDAPS) port 636. When IAG 2007 tries to check the password expiration automatically, you receive the following LDAP error message:
Server Not Operational
Note All other operations for authentication and authorization work correctly.

Note The operation works correctly on non-SSL LDAP port 389 with no other configuration changes.
CAUSE
This problem occurs because LDAPS binds to the Internet Protocol (IP) address instead of to the fully qualified domain name (FQDN) when LDAPS checks password expiration.
RESOLUTION
To resolve this problem, install Update 1 for IAG 2007 Service Pack 2 (SP2).

For more information about Update 1 for IAG 2007 Service Pack 2, click the following article number to view the article in the Microsoft Knowledge Base:
968384 Description of Update 1 for Intelligent Application Gateway 2007 Service Pack 2
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
MORE INFORMATION
When LDAPS checks password expiration, LDAPS must make the binding by using the FQDN. Additionally, the binding FQDN must be the FQDN of the domain controller and not of the domain name only.
REFERENCES
For more information about how to troubleshoot this problem, click the following article number to view the article in the Microsoft Knowledge Base:
938703 How to troubleshoot LDAP over SSL connection problems
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
Properties

Article ID: 967695 - Last Review: 01/15/2015 09:57:25 - Revision: 1.1

  • Microsoft Intelligent Application Gateway 2007
  • kbnosurvey kbarchive kbexpertiseinter kbfix kbsurveynew kbqfe KB967695
Feedback