Troubleshooting occasional LDAP errors - ORF Forums

Troubleshooting occasional LDAP errors RSS Back to forum


Hi all,

I'm getting occasional errors with LDAP as below ...

Error validating the recipient "" (source: Active Directory). Detecting the LDAP root path has failed. If this computer is not part of a domain, please configure the LDAP path manually in ORF.

I think it might be linked to an increased volume of emails/spam and the LDAP connection is struggling with performance.
How can I troubleshoot this or look further into improving this?

by tomasz.sokolowski 2 years ago

@tomasz.sokolowski: Hello Tomasz,

Unfortunately, I cannot tell whether this was a temporary issue or not - but it might very well be related to some system resource issue caused by the increased traffic you mentioned - so you should monitor the logs for a while. To avoid further incidents like this I suggest you manually set the LDAP root path in ORF:

1. Start the ORF Administration Tool and connect to the local or a remote instance
2. Navigate to the Blacklists > Recipient Validation page
3. Choose Microsoft Active Directory as validation source from the drop-down menu
4. Click the Configure Selected button
5. Specify the LDAP root manually – if you have multiple domains, use the LDAP path to the Global Catalog server (without a trailing slash)
6. Select the Authentication tab, and enter the user credentials to authenticate with the AD server
7. Click OK and save the ORF configuration (Ctrl + S) to apply the new settings.

In addition to the above, make sure that the DNS server(s) configured in ORF is working properly:

1. Navigate to the System > DNS page
2. Click the Health Check button
3. Click the Run Test button – all DNS queries should pass the test
4. In case the DNS Health Check fails, make sure that your network configuration allows UDP and TCP-based DNS lookups to complete (this can be tested using the Windows nslookup command-line tool) and verify that the UDP/53 and TCP/53 ports are open on your firewall - including the Windows Firewall on the ORF server itself.

I hope this helps.

by Daniel Novak (Vamsoft) 2 years ago
(in reply to this post)


@Daniel Novak (Vamsoft): Hi Daniel,

I've put validation to manual. Let see if this helps.

DNS Health Check result is all Pass.

Where in AD can I look for recipient validation issues ? Would this generate specific event code ?

by tomasz.sokolowski 2 years ago
(in reply to this post)


@tomasz.sokolowski: Although I am no AD expert, I believe the following resources might prove helpful to you in investigating this issue.

by Daniel Novak (Vamsoft) 2 years ago
(in reply to this post)


@Daniel Novak (Vamsoft): Thank you Daniel.

by tomasz.sokolowski 2 years ago
(in reply to this post)

New comment

Fill in the form below to add a new comment. All fields are required. If you are a registered user on our site, please sign in first.

It will not be published.
hnp1 | hnp2