MID server not able to connect when configured with a user with LDAP Authentication


Description

A MID Server configured with an LDAP user may fail to authenticate. The node logs show that the instance cannot connect to LDAP for authentication:

 Error: StartupSequencer WARNING *** WARNING *** Could not authenticate user '------------' on the ServiceNow instance

Cause

If an LDAP user is configured in the config.xml of a MID Server, the MID Server sends a basic authentication request to the instance. Once the instance receives this request, the node sends an authentication request to the LDAP server (if the LDAP setup is not using a MID Server) to authenticate the user based on the LDAP server settings.

When the node connects to the LDAP server directly, the request to the customer LDAP server is sent from the NAT'ed IP range. The NAT'ed range should be included in the allow-list of the customer instance firewall so that the request can succeed. Failure to connect to the LDAP server will prevent the MID Server from connecting to the instance.

Resolution

- Make sure the connection to the LDAP server is successful when using an LDAP user for your MID Server.

- Allow the NAT range in your SN provided firewall, so that the MID user can successfully authenticate.

Additional Information

Refer to KB0538621 - Finding the IP information for your instance to retrieve information about the source address used for your instance integration.
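
One way to check the allow-list requirement described above is to compare the NAT source ranges for the instance against the CIDR entries in the firewall allow-list and report any part of a NAT range that no entry covers. This is an added example, not ServiceNow code; the function name is hypothetical and the ranges are constructed documentation addresses, so substitute the ranges obtained through KB0538621 and your own firewall entries.

```python
import ipaddress


def uncovered_nat_ranges(nat_ranges, allow_list):
    """Map each NAT range to the sub-ranges that no allow-list entry covers.

    A NAT range that is fully covered does not appear in the result.
    """
    rules = [ipaddress.ip_network(c, strict=False) for c in allow_list]
    gaps = {}
    for cidr in nat_ranges:
        remaining = [ipaddress.ip_network(cidr, strict=False)]
        for rule in rules:
            still_open = []
            for net in remaining:
                if net.version != rule.version or not net.overlaps(rule):
                    still_open.append(net)   # rule does not touch this piece
                elif net.subnet_of(rule):
                    continue                 # piece is fully allowed
                else:
                    # rule is a strict subnet of the piece: keep the rest
                    still_open.extend(net.address_exclude(rule))
            remaining = still_open
        if remaining:
            merged = ipaddress.collapse_addresses(remaining)
            gaps[cidr] = [str(n) for n in merged]
    return gaps


if __name__ == "__main__":
    # Constructed sample data (RFC 5737 documentation ranges).
    instance_nat = ["198.51.100.0/24", "203.0.113.0/25"]
    firewall_allow = ["198.51.100.0/25", "203.0.113.0/24"]
    for nat, missing in uncovered_nat_ranges(instance_nat, firewall_allow).items():
        print(f"{nat}: not allowed -> {', '.join(missing)}")
```

A non-empty result means LDAP requests from the listed source addresses would be dropped, which matches the failure described in the Cause section.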