Sailpoint IQ Service Intermittent connection: The Server is not operational

ancardoso · January 10, 2025, 2:37pm

Which IIQ version are you inquiring about?

8.2 P7

Hello guys,

I’m having an issue setting up the connection to IQ Service with TLS.
The first test connection fails with the error below, but if we do an test connection right after the failure, the test connection is sucesfull.

Error:

[ InvalidConfigurationException ] [ Possible suggestions ] Ensure that: a) SearchDN is valid. b) The user is active. c) The user is not locked. d) Domain certificate is available in trusted root folder on IQService machine if Domain Configuration TLS is enabled. [ Error details ] Exception occurred while executing the RPCRequest: Errors returned from IQService. “Failed to connect to the server for cn=users,dc=enc,dc=local:The server is not operational. The server is not operational. . HRESULT:[0x8007203A]Failed to connect to the server for cn=users,dc=enc,dc=local:The server is not operational. The server is not operational. . HRESULT:[0x8007203A]”

The IQService is installed on a windows server on the same network as the Domain controllers.

The SearchDN is valid;
The user is not locked;
The user is active;

Can you please assist me?

Thank you

enistri_devo · January 10, 2025, 3:04pm

Hi @ancardoso,

do you some LB or FW between IIQ and AD? or between hte IQService and AD?

fcmendoza · January 10, 2025, 5:25pm

Welcome to the community. I might of missed this info, but did you create a security cert for your server?

mkumariaas · January 11, 2025, 9:16am

@ancardoso may be you can narrow down the issue.
if you are using LB then use individual server and then check which server it is failiing , if it is not failing then check LB what is there if some network issue.
it can be network issue or communication between iqservice and windows forest/domain or Cert issue.

ancardoso · January 14, 2025, 11:14am

Yes, we have a FW between IQ Service server and AD.

ancardoso · January 14, 2025, 11:15am

The team has extracted the certificate from the AD Server and IQ Server and I’ve uploaded the certs in the Java store.

ancardoso · January 14, 2025, 11:16am

Thank you M Kumar, we are not using a loadbalancer to the IQ Service.

enistri_devo · January 14, 2025, 11:32am

it could be the problem, review the configuration of FW because it could cause this behavior.

kumar_priya · January 14, 2025, 6:21pm

check certificate if it is on SSL

system · March 15, 2025, 6:21pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.