Event ID1220 LDAP over Secure Sockets Layer (SSL) will be unavailable at this time because the server was unable to obtain a certificate.

-

event warning 1220 generated in domain,deleted , recreate new certificate having same problem.

  ldap on secure sockets layer (ssl) unavailable @ time because server unable obtain certificate. 
 
additional data 
error value: 8009030e no credentials available in security package


 urce:        microsoft-windows-activedirectory_domainservice

date:          1/4/2014 1:00:39 pm
event id:      1220
task category: ldap interface
level:         warning
keywords:      classic
user:          n/a
computer:      dc2.chickbuns.com
description:
ldap on secure sockets layer (ssl) unavailable @ time because server unable obtain certificate. 

additional data 
error value:
8009030e no credentials available in security package
event xml:
<event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <system>
    <provider name="microsoft-windows-activedirectory_domainservice" guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" eventsourcename="ntds ldap" />
    <eventid qualifiers="32768">1220</eventid>
    <version>0</version>
    <level>3</level>
    <task>16</task>
    <opcode>0</opcode>
    <keywords>0x8080000000000000</keywords>
    <timecreated systemtime="2014-01-04t10:00:39.545990500z" />
    <eventrecordid>3300</eventrecordid>
    <correlation />
    <execution processid="508" threadid="648" />
    <channel>directory service</channel>
    <computer>dc2.chickbuns.com</computer>
    <security />
  </system>
  <eventdata>
    <data>8009030e</data>
    <data>no credentials available in security package</data>
  </eventdata>
</even

  

hi,

based on research, event id 1220 logged on domain controller when client computers attempt make ldap-over-ssl connection directory when ssl connections not enabled on directory.

if want domain controller or ad lds server support ssl connections, need provide certificate for ad ds or ad lds.

have installed active directory certificate services on domain controller?

if have, please make sure certificate valid.

if not, can install , configure active directory certificate services (ad cs) role on domain controller or can import certificate trusted certification authority (ca).

here related links below useful you:

event id 1220 — ldap on ssl

http://technet.microsoft.com/en-us/library/dd941846(v=ws.10).aspx

ldap connection error on ssl 636 port

http://social.technet.microsoft.com/forums/windowsserver/en-us/bb0327c7-a9e3-4b99-b3f4-c144f4ec2eea/ldap-connection-error-over-ssl-636-port?forum=winserverds

i hope helps.

best regards,

amy wang



Windows Server  >  Windows Server General Forum



Comments

Post a Comment

Popular posts from this blog

Azure MFA with Azure AD and RDS

-
i have setup following lab in azure , need help. a server (domain controller) , remote desktop services. and server multi factor authentication server. i have setup following one http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/ and when im connecting got following error. the user "domain\username", on client computer "xxx.xxx.xxx.xxx", did not meet connection authorization policy requirements , therefore not authorized access rd gateway server. authentication method used was: "ntlm" , connection protocol used: "rpc-http". following error occurred: "23003". also on security log i've got following authentication details: connection request policy name: ts gateway authorization policy network policy name: - authentication provider: radius proxy authentication server: test.test.local authenticati...
Read more

Failed to setup initiator portal. Error status is given in the dump data.

-
hi team, server configured boot san  after booting  facing issue windows server 2008 r2 system logs continuously generating iscsi port error event id 5 failed setup initiator portal. error status given in dump data. eventdata \device\raidport1 000004000100000000000000050000c0000000000000000000000000000000000000000000000000070200c0 binary data: in words 0000: 00040000 00000001 00000000 c0000005 0008: 00000000 00000000 00000000 00000000 0010: 00000000 00000000 c0000207 in bytes 0000: 00 00 04 00 01 00 00 00 ........ 0008: 00 00 00 00 05 00 00 c0 .......À 0010: 00 00 00 00 00 00 00 00 ........ 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........ 0028: 07 02 00 c0 ...À hi, please read through article below troubleshoot issue: error event id 5 logged in system log on computer uses iscsi software initiator connect iscsi target device http://suppo...
Read more

Failed to delete the test record dcdiag-test-record in zone test.com

-
ps c:\users\administrator.test> dcdiag /test:dns directory server diagnosis performing initial setup:    trying find home server...    home server = dc02    * identified ad forest.    done gathering initial info. doing initial required tests    testing server: default-first-site-name\dc02       starting test: connectivity          ......................... dc02 passed test connectivity doing primary tests    testing server: default-first-site-name\dc02       starting test: dns          dns tests running , not hung. please wait few minutes...          ......................... dc02 passed test dns    running partition tests on : forestdnszones    running partition tests on : domaindnszones    running partition tests on : schema ...
Read more