Open joelrader-ping opened 4 years ago
From PingFederate logs (partial):
Caused by: com.pingidentity.common.util.ldap.LDAPErrorException$InvalidCredentials: [LDAP: error code 49 - invalid credentials]
    at com.pingidentity.common.util.ldap.LDAPUtil.convertLdapException(LDAPUtil.java:2186) ~[pf-protocolengine.jar:?]
    at com.pingidentity.common.util.ldap.LDAPUtil.createLdapConnectionPool(LDAPUtil.java:404) ~[pf-protocolengine.jar:?]
    at com.pingidentity.common.util.ldap.LDAPUtil.newInstance(LDAPUtil.java:290) ~[pf-protocolengine.jar:?]
    at com.pingidentity.common.util.ldap.LDAPUtil.newInstance(LDAPUtil.java:236) ~[pf-protocolengine.jar:?]
    at org.sourceid.saml20.domain.mgmt.impl.AdminUserManagerLDAPImpl.loadProperties(AdminUserManagerLDAPImpl.java:338) ~[pf-protocolengine.jar:?]
    ... 84 more
That looks like a missing value in env_vars
Deploying this stack and trying to log into the PingFederate admin console gives an authentication error. Looks to be trying to do a lookup into PingDirectory that's failing. From PingDirectory logs (snippet):
[26/Jun/2020:11:22:18.254 +0000] BIND RESULT instanceName="03eec6f86141" threadID=10 conn=24 op=0 msgID=1 requesterIP="192.168.0.6" version="3" dn="cn=pingfederate" authType="SIMPLE" resultCode=49 resultCodeName="Invalid Credentials" qtime=0 etime=0.186 authFailureID=4 authFailureReason="Unable to bind to the Directory Server as user cn=pingfederate because no such user exists in the server" clientConnectionPolicy="default"
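A triage sketch for the PingDirectory access-log line quoted above, added here as an example and not part of the original issue or of Ping Identity's code: it parses `BIND RESULT` lines and separates a result code 49 caused by a missing bind DN from other bind failures. The second and third sample lines, the function names and the category labels are constructed for illustration.

```python
import re

# Constructed sample: the BIND RESULT line quoted in the issue, followed by
# two made-up lines (a successful bind and a non-BIND operation) for contrast.
SAMPLE_LOG = '''\
[26/Jun/2020:11:22:18.254 +0000] BIND RESULT instanceName="03eec6f86141" threadID=10 conn=24 op=0 msgID=1 requesterIP="192.168.0.6" version="3" dn="cn=pingfederate" authType="SIMPLE" resultCode=49 resultCodeName="Invalid Credentials" qtime=0 etime=0.186 authFailureID=4 authFailureReason="Unable to bind to the Directory Server as user cn=pingfederate because no such user exists in the server" clientConnectionPolicy="default"
[26/Jun/2020:11:22:19.001 +0000] BIND RESULT instanceName="03eec6f86141" threadID=11 conn=25 op=0 msgID=1 requesterIP="192.168.0.7" version="3" dn="cn=example-admin" authType="SIMPLE" resultCode=0 resultCodeName="Success" qtime=0 etime=0.201
[26/Jun/2020:11:22:19.050 +0000] SEARCH RESULT instanceName="03eec6f86141" threadID=11 conn=25 op=1 msgID=2 resultCode=0 resultCodeName="Success" entriesReturned=1
'''

# "[timestamp] OPERATION RESULT key=value key="quoted value" ..."
LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\]\s+(?P<op>[A-Z]+ [A-Z]+)\s+(?P<fields>.*)$')
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Split one access-log line into a dict; return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {"timestamp": m["ts"], "operation": m["op"]}
    for key, quoted, bare in FIELD_RE.findall(m["fields"]):
        rec[key] = quoted if quoted else bare
    return rec


def failed_binds(log_text):
    """Return failed BIND RESULT records, each tagged with a triage category."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["operation"] != "BIND RESULT" or rec.get("resultCode") == "0":
            continue
        reason = rec.get("authFailureReason", "")
        # LDAP result 49 covers both an unknown bind DN and a wrong password;
        # only the server-side authFailureReason tells the two apart.
        if rec.get("resultCode") == "49" and "no such user exists" in reason:
            category = "bind-dn-missing"
        elif rec.get("resultCode") == "49":
            category = "bad-credentials"
        else:
            category = "other-failure"
        findings.append({"timestamp": rec["timestamp"], "dn": rec.get("dn"),
                         "requesterIP": rec.get("requesterIP"), "category": category})
    return findings


if __name__ == "__main__":
    for finding in failed_binds(SAMPLE_LOG):
        print(finding)
```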