Loading

Error "External identity store was unreachable" When Importing LDAP identityStore With Simple Bind

Publiseringsdato: Feb 28, 2025
Beskrivelse

When importing LDAP identityStore json with simple bind, the following error might occur:


"Identity store Configuration Error: External identity store was unreachable. The external store is either down or Tableau Server is unable to establish a connection."


Additionally, the following error may be found in the logs: 

...: DEBUG com.tableausoftware.certificates.LinuxCertManager - Loading CA certificates from /etc/pki/ca-trust/extracted/java/cacerts
...: ERROR com.tableausoftware.tabadmin.webapp.impl.IdentityStoreService - IdentityStoreService failure:com.tableausoftware.domain.ldap.LdapConnectException: javax.naming.CommunicationException: simple bind failed: ldaps.host.local:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: None of the TrustManagers trust this certificate chain] (errorCode=100081)
Løsning
Ensure that all SSL Certificates for accessing the LDAP server over SSL have been added to the Java Keystore file.

For more specific information, follow the instructions described in the following article: Identity Store - LDAP bind (Linux) or Identity Store - LDAP over SSL (Windows) in Tableau Help. 

 
Flere ressurser
To further diagnose issues with the SSL cerficiate, OpenSSL can be used to export the SSL certificate from the LDAP server to verify matching and authenticity. Instructions can be found below:
OpenSSL Cookbook: Chapter 2. Testing with OpenSSL

Additionally, instructions for working with the keytool.exe tool included with Tableau can be found at the link below. The Keytool utility can list or export SSL certificates stored to verify that the correct / matching certificate has been added.
Keytool documentation
Knowledge-artikkelnummer

001472950

 
Laster
Salesforce Help | Article