TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:1500

    Question

  • I executed the following command in PowerShell on a Windows Server 2016 instance in order to configure AD FS to authenticate users stored in an LDAP directory.

    $vendorDirectory = New-AdfsLdapServerConnection -HostName xxx.xxx.xxx.xxx -Port xxxx -SslMode None -AuthenticationMethod Basic -Credential $DirectoryCred

    The target directory is Oracle's OUD (an LDAPv3-compliant directory); however, I got TCP error code 100061, as I entered in the title.

    This OUD server sits in the same AWS cloud as the Windows Server 2016 instance. I was able to ping the OUD and got a reply back.

    What should I do to rectify this situation?

    Tuesday, November 20, 2018 6:27 PM

Answers

  • My apologies for the late reply. Just ran into this. Yes, it is resolved for this specific question. It has to do, I believe, with an incomplete AD FS services installation. I thought AD FS services were installed correctly, then I realized that in the Server Manager console there is a post-deployment step I had to follow up on, which required a server certificate for the Windows Server 2016 machine where AD FS services are running. Once the proper certificate was added, the New-AdfsLdapServerConnection cmdlet executed without an error.

    • Marked as answer by jrvModerator Thursday, December 6, 2018 9:00 PM
    Thursday, December 6, 2018 2:45 PM
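
Added example, not part of the thread: a PowerShell pre-flight check for the case in the marked answer, where the refused connection is to 127.0.0.1:1500 on the AD FS server itself rather than to the LDAP directory. The function name and the sample host and port are hypothetical; `adfssrv` is the AD FS Windows service name, and port 1500 is taken from the error text.

```powershell
# Added diagnostic sketch (not from the thread). Run on the AD FS server
# before calling New-AdfsLdapServerConnection.
function Test-AdfsLdapPrerequisite {
    param(
        [Parameter(Mandatory)] [string] $LdapHost,  # your directory host
        [Parameter(Mandatory)] [int]    $LdapPort,  # your directory port
        [int] $LocalAdfsPort = 1500                 # port shown in the error text
    )

    # 1. Is the AD FS service installed and running? If post-deployment
    #    configuration was never completed, it will not be running.
    $svc = Get-Service -Name adfssrv -ErrorAction SilentlyContinue
    $serviceRunning = ($null -ne $svc) -and ($svc.Status -eq 'Running')

    # 2. Is anything listening on the loopback port the cmdlet tried to reach?
    #    "Actively refused" (10061) means no listener answered on that port.
    $listener = Get-NetTCPConnection -State Listen -LocalPort $LocalAdfsPort `
                    -ErrorAction SilentlyContinue

    # 3. TCP reachability of the LDAP port. A successful ping only proves
    #    ICMP reachability, not that the LDAP port is open.
    $ldap = Test-NetConnection -ComputerName $LdapHost -Port $LdapPort `
                -WarningAction SilentlyContinue

    [pscustomobject]@{
        AdfsServiceRunning = $serviceRunning
        LocalPortListening = [bool]$listener
        LdapPortReachable  = $ldap.TcpTestSucceeded
    }
}

# Constructed sample values; replace with your own host and port.
$result = Test-AdfsLdapPrerequisite -LdapHost 'oud.example.internal' -LdapPort 1389
$result | Format-List

if (-not $result.AdfsServiceRunning -or -not $result.LocalPortListening) {
    Write-Warning 'AD FS is not running locally; finish the post-deployment configuration in Server Manager first.'
}
elseif (-not $result.LdapPortReachable) {
    Write-Warning 'AD FS is up, but the LDAP port is not reachable from this server.'
}
```

If the first two properties are `False`, the 10061 error is about the local AD FS service, so changing firewall rules toward the directory server will not help.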

All replies

  • I turned off the firewall but I got the same error.
    Tuesday, November 20, 2018 6:57 PM
  • So the OUD server isn't the same machine as the one running the New-AdfsLdapServerConnection? That 127.0.0.1 address says you're trying to connect to the local machine, not some other machine.

    --- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

    Tuesday, November 20, 2018 7:03 PM
  • Yes, the OUD server is not the same machine. Bear with me, I thought the cmdlet I executed would allow AD FS to federate OUD somehow. I must have misunderstood New-AdfsLdapServerConnection? Could you clarify this for me?
    Tuesday, November 20, 2018 8:53 PM
  • ADFS allows you to authenticate on the Oracle system if configured to allow this.  The systems must be configured to use ADFS and the Oracle connection will be available to any account authenticated through ADFS.  You would connect to ADFS via the correct FQDN to gain access but this does not connect you to Oracle.

    Post in Oracle forum to understand how this works and how to configure ADFS and Oracle to allow this.

    Note also that Oracle OUD is not an ADFS target but I believe it can be accessed by AD accounts when ADFS and Oracle are configured for this.  Oracle is the best place to get info on how to set this up.


    \_(ツ)_/


    Tuesday, November 20, 2018 8:58 PM
    Moderator
  • I greatly appreciate your insight on this matter and reply.
    Tuesday, November 20, 2018 9:32 PM
  • Simply creating a connection object isn't enough. You also have to configure ADFS to use the other LDAP directory as claims provider (e.g. Add-AdfsLocalClaimsProviderTrust).

    There's probably more to this than just those two cmdlets, though. Look to the ADFS folks and to Oracle for more help.


    --- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

    Tuesday, November 20, 2018 10:25 PM
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If not, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    LEE


    Just do it.

    Tuesday, November 27, 2018 2:51 AM
    Moderator
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If not, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee


    Just do it.

    Tuesday, December 4, 2018 6:41 AM
    Moderator