Authentication through LDAP can have several different configuration sources and can be highly technical. This guide covers the tools and a general methodology to address LDAP issues; we highly recommend involving your IT or technical departments when setting up or troubleshooting with LDAP.

 

Common Errors & Recommended Troubleshooting 

 

Error: "Can't contact LDAP server, Unable to bind to LDAP server"

Solution: The 'Contact' portion of this error indicates that Formstack could not reach your server and the 'Bind' error means that if we did reach your server we could not authenticate with it using the provided username and password.  

If some users are able to log in and others are hitting this error, then this points to an issue within the LDAP server and further logging on the LDAP server-side may be needed.

 

Error: “ERROR: A matching account could not be found”

Solution: If the User exists, try deleting the requested user first and then re-creating this user to see if this re-authenticates correctly.

 

Error: “Username already exists for this authentication provider”

Solution: This usually means an existing account has another authentication method enabled. If so, the user should sign in using that method (such as email and password).

This error message can also be received if the Username Attribute of their LDAP credentials doesn’t match the username of their account. If so, the user can update the attribute at their identity provider (for instance, back to the old value if it had been previously updated).  

 

Error: “ERROR: A matching account could not be found”

Solution: If the User exists, please try deleting the requested user first and then re-creating this user to see if this re-authenticates correctly.

 

 

Error: ERROR: Invalid authentication account (Error ID: c3969e092a94294b4e4d)

Solution: This indicates the user who last attempted to log in is not under the same account as where they are logging in or attempting to log in under. 

 

Error: "Can't contact LDAP server"

Solution: The settings may be incorrect, such as the wrong URL or IP address depending on how this is configured or that you are not able to connect to the LDAP server publicly.

If you enter “mydomain.example.com” in the LDAP hostname, you will need to make sure that the Formstack servers can access this either by whitelisting our IP address or by setting your LDAP server host accessible to us publicly.

 

Error: "ERROR: Unable to authenticate: invalid_response, The status code of the Response was not Success, was Requester"

Solution: This is a generic error that occurs when we are unable to parse the response that we receive back and usually means that there was some kind of error on or bad data that has been sent back.

Errors like this generally occur with SAML and in these cases, the XML sent back is not like a regular response, rather it may have been configured to hit a webpage instead of sending back the correct XML SAML response.

Was this article helpful?
0 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.