Now we can analyze the tcpdump capture file (ldap.pcap) to determine if JFrog Platform / Artifactory is able to connect to the LDAP server.
1. The following TCP sequence (a TCP 3-way handshake) is seen when the TCP connection to the LDAP server established successfully. If you just see the SYN going and no SYN, ACK returning then the LDAP server is not reachable from the JFrog Platform / Artifactory host.
1 10.132.0.88 10.166.0.2 TCP 76 43114 → 389 [SYN] Seq=0 Win=28400 Len=0 MSS=1420 SACK_PERM=1 TSval=3831820 TSecr=0 WS=128
2 10.166.0.2 10.132.0.88 TCP 76 389 → 43114 [SYN, ACK] Seq=0 Ack=1 Win=28160 Len=0 MSS=1420 SACK_PERM=1 TSval=958410 TSecr=3831820 WS=128
3 10.132.0.88 10.166.0.2 TCP 68 43114 → 389 [ACK] Seq=1 Ack=1 Win=28416 Len=0 TSval=3831852 TSecr=958410
2. In the example below, we may see the SYN request is being retransmitted and no SYN, ACK returning. If you see this, verify that your LDAP server is UP, the LDAP URL you configured is valid, and network configuration (proxy, firewall, router, etc) is allowing the traffic to reach the LDAP server.
1 10.132.0.88 10.166.0.2 TCP 76 47692 → 389 [SYN] Seq=0 Win=28400 Len=0 MSS=1420 SACK_PERM=1 TSval=4991787 TSecr=0 WS=128
2 10.132.0.88 10.166.0.2 TCP 76 [TCP Retransmission] 47692 → 389 [SYN] Seq=0 Win=28400 Len=0 MSS=1420 SACK_PERM=1 TSval=4992788 TSecr=0 WS=128
3 10.132.0.88 10.166.0.2 TCP 76 [TCP Retransmission] 47692 → 389 [SYN] Seq=0 Win=28400 Len=0 MSS=1420 SACK_PERM=1 TSval=4994792 TSecr=0 WS=128
4 10.132.0.88 10.166.0.2 TCP 76 [TCP Retransmission] 47692 → 389 [SYN] Seq=0 Win=28400 Len=0 MSS=1420 SACK_PERM=1 TSval=4998800 TSecr=0 WS=128