- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-19-2017 04:17 AM
Hi,
Configuring SNow to LDAPs integration.
As we don't have access to application server VM and can't do telnet to determine if 636 is open, is there any other
way to determine if the configuration on the other side is valid and complete?
Thank you.
Dan.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2017 02:04 PM
Ok, got it. Actually, there is a range of IP addresses references from HI portal(My IP information section) for VPN / NO VPN integrations. And in my case, it didn't
match nslookup resolved IP. Thank g*d for FW logs..
Thanks for the assist.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-19-2017 04:56 AM
Hi Dan,
I don't think any other way to check.
To check the configuration you need to be on thier network or your application servers ip has to be publically exposed with port 636.
Also you need a proper credential.
Regards,
Vivek
Based on the impact hit like, correct or helpful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-19-2017 05:07 AM
Thanks again Vivek.
Unfotrinutly, I can't be on their network at the moment, furthermore, they exposed read-only LDAP service on their DMZ so it should be exposed outside their network as well.
I've instructed them to allow inbound connection to that server via 636.
Once configured on both sides, I'm getting "LDAP Server: <My_LDAP_SERVER> URL: ldap://<My_LDAP_SERVER_Hostname>:636/ failed scheduled connection test. ErrorCode: 10305. ErrorMessage: Unknow host <My_LDAP_SERVER_Hostname> ".
From this message I assume one out of 2 things:
1: <My_LDAP_SERVER_Hostname> isn't publicly exposed.
2: Port 636 isn't open.
Am i right? How can i test my theory?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-19-2017 05:35 AM
Hi Dan,
If they say the LDAP server is publically exposed then you might have got public IP or DNS. You can telnet that IP or DNS against port 636 to check the communication. If you get error you go with that with your network team
There is one Microsoft utility ldp.exe which is available to test the LDAP connection. That utility was useful when I configure LDAP first time in ServiceNow.
Regards,
Vivek
Based on the impact hit like, correct or helpful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-19-2017 06:03 AM
Yes, but if i understand correctly, i need to telnet from source(service now) machine to get the correct answer from telnet <My_LDAP_SERVER_Hostname> 636.
My question is how can i verify that in fact the port is open and accessible without telneting from the actual vm?