"No route to host" when testing external Active Directory Server

Solution Verified - Updated -

Issue

When configuring user federation or identity brokering to a remote MS AD server from an RH-SSO pod, the SSO log shows the following error:

04:01:06,185 ERROR [org.keycloak.services] (default task-5) KC-SERVICES0055: Error when connecting to LDAP: dc01.example.com:389: javax.naming.CommunicationException: dc01.myexample.com:389 [Root exception is java.net.NoRouteToHostException: No route to host (Host unreachable)]
 ......
Caused by: java.net.NoRouteToHostException: No route to host (Host unreachable)
...

The node can reach the AD server successfully with the ping command. Firewall port 389 is open for both TCP and UDP. Only the SSO pod cannot reach the remote AD server.

Environment

  • Red Hat Single Sign-On
    • 7.4
  • Red Hat OpenShift Container Platform
    • 3.11
