IDM services are failing to start due to the pki-tomcatd error "netscape.ldap.LDAPException: Authentication failed (49)"
Issue
When attempting to start the IDM services, the pki-tomcatd service fails to start.
[root@ipaserver ~]# ipactl start
Starting Directory Service
Starting krb5kdc Service
Starting kadmin Service
Starting httpd Service
Starting ipa-custodia Service
Starting ntpd Service
Starting pki-tomcatd Service
Failed to start pki-tomcatd Service
Shutting down
Hint: You can use --ignore-service-failure option for forced start in case that a non-critical service failed
Aborting ipactl
[root@ipaserver ~]# ipactl status
Directory Service: STOPPED
Directory Service must be running in order to obtain status of other services
ipa: INFO: The ipactl command was successful
The /var/log/pki/pki-tomcatd/ca/debug log shows the error below:
Internal Database Error encountered: Could not connect to LDAP server host host01.example.com port 636 Error netscape.ldap.LDAPException: Authentication failed (49)
Environment
- Red Hat Enterprise Linux
- Red Hat Identity Management