I'm having issues connecting, synchronizing, or logging in with my user directory. What can I do?

If you encounter any issues with connecting or synchronizing a user directory or logging in with a synced user account, please follow these steps for assistance.

Issues during connection

java.net.ConnectException: Connection refused

Haiilo is unable to connect to the LDAP server because it is unable to resolve the path it can use to the LDAP/Active Directory server. You should check and adjust the following:

  • There might be a reverse proxy blocking the connection.
  • There might be a firewall between the servers blocking the port.
  • Haiilo cannot resolve the LDAP server hostname correctly.

No subject alternative DNS name matching <hostname> found

Haiilo can check the hostname in the SSL certificate when communicating with an LDAP server via SSL. This means that the hostname used to connect to the LDAP server must match the one in the SSL certificate. Otherwise, Haiilo will not be able to connect to the directory.

Another possible cause of this problem is when the Synchronization > Follow Referrals option is enabled in the user directory configuration when connecting to an LDAP directory.

Issues during synchronization

  • If individual users were not synchronized or were considered orphaned, then they were not found during the synchronization process. Therefore, please ensure that all mandatory fields in your directory have been filled for these users. The mandatory field(s) are specified in the user directory settings in Administration > User directories > your directory > User > Attributes for. The other profile fields are optional.
  • An LDAP browser, such as ldapsearch, can help determine if the users are included in the configured filter. If you use the same filter settings as in Haiilo, you should see the same users here as in Haiilo. If your missing user appears here and is filled with all necessary fields, this user should also be imported or updated during the next sync.
  • If an error message appears during synchronization and the error is documented in the logs, you can contact our Service Desk. Our technicians can analyze the log files and give you feedback on the synchronization.

Issues during login

If a synchronized user cannot log in to the platform, there may be problems with the connection or configuration of your user directory set up in Haiilo.

  • Ensure the connection to the user directory still works via the Administration. To do this, edit your user directory and select Test connection in the Connection tab. In case of an error, the button turns red, and a technical error message is displayed. The LDAP error codes and their definitions can be researched on the internet.
  • If the connection works but logging in is still not possible, check if the trailing part/suffix of the userPrincipalName of the affected user matches the AD domain configured in Haiilo. If an AD domain is specified in Haiilo, it must apply to the users.

Was this article helpful?