Troubleshooting occasional LDAP errors - ORF Forums

@tomasz.sokolowski: Hello Tomasz,

Unfortunately, I cannot tell whether this was a temporary issue or not - but it might very well be related to some system resource issue caused by the increased traffic you mentioned - so you should monitor the logs for a while. To avoid further incidents like this I suggest you manually set the LDAP root path in ORF:

1. Start the ORF Administration Tool and connect to the local or a remote instance
2. Navigate to the Blacklists > Recipient Validation page
3. Choose Microsoft Active Directory as validation source from the drop-down menu
4. Click the Configure Selected button
5. Specify the LDAP root manually – if you have multiple domains, use the LDAP path to the Global Catalog server (without a trailing slash)
6. Select the Authentication tab, and enter the user credentials to authenticate with the AD server
7. Click OK and save the ORF configuration (Ctrl + S) to apply the new settings.

In addition to the above, make sure that the DNS server(s) configured in ORF is working properly:

1. Navigate to the System > DNS page
2. Click the Health Check button
3. Click the Run Test button – all DNS queries should pass the test
4. In case the DNS Health Check fails, make sure that your network configuration allows UDP and TCP-based DNS lookups to complete (this can be tested using the Windows nslookup command-line tool) and verify that the UDP/53 and TCP/53 ports are open on your firewall - including the Windows Firewall on the ORF server itself.

I hope this helps.

@tomasz.sokolowski: Although I am no AD expert, I believe the following resources might prove helpful to you in investigating this issue.

https://technet.microsoft.com/en-us/library/cc961809.aspx

https://social.technet.microsoft.com/Forums/windowsserver/en-US/9045a229-6c08-480b-b4d8-a04e21616a3e/how-to-check-for-ldap-problems-logs-events-etc?forum=winserverDS