ISSUE: Sitecore AD Module throws error: The AD membership provider couldn't be initialized: Value cannot be null.
ERROR The AD membership provider couldn't be initialized: Value cannot be null.
Parameter name: name
Message: Value cannot be null.
Parameter name: name
at System.DirectoryServices.ActiveDirectory.DirectoryContext..ctor(DirectoryContextType contextType, String name, String username, String password)
at LightLDAP.SitecoreADProfileProvider.Initialize(String name, NameValueCollection config)
If you have gone through all the troubleshooting steps in Sitecore's AD module documentation and are still running into this issue, this may be the post you have been looking for.
I ran into an issue after having configured the AD module as per the "text book" in the CM and CD environments: the connection was working correctly in CM but not in CD. My immediate answer was that, since CD is not on the same domain as the AD server but CM is, it has to be an access issue.
Then, to confirm access, I used Softerra's LDAP Browser to see if I could connect to the AD server using the connection string from CM, and it worked in both the CM and CD environments. At this point I felt I had to reach out to Sitecore. After a couple of rounds of correspondence and Sitecore pointing out the obvious, they were able to pinpoint the issue.
SOLUTION 1: You must have ports 389 and 445 open on the CM, CD and AD servers.
Furthermore, Sitecore recommended having both inbound and outbound firewall access on those ports.
I ran into a wall with the client's Data Center, where they could not open port 445. As a workaround, Sitecore then recommended disabling the Profile configuration (if not required), since Profiles require communication over port 445.
SOLUTION 2: Disable Profile providers Profile SwitchingProviders
Here are a few things I have learnt working with the AD module:
- If your CM or CD servers are not on the same domain as your AD server you may run into this issue
- If your CM, CD and AD servers cannot access each other on ports 389 and 445, you may run into this error. The easiest way to check port access is to run "telnet <server ip/domain> <portnumber>". If you get a blank screen, you have access; if you get "Connecting To <server>...Could not open connection to the host, on port <portnumber>: Connect failed", you do not have access
- Try and use fully qualified domain names in your LDAP connection string
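
The port check from the list above can also be scripted. The following PowerShell is an added example, not part of the AD module or of Sitecore's guidance; the server name `dc01.example.local` is a placeholder, and the function name `Test-TcpPort` and the 3-second timeout are assumptions made for this example.

```powershell
# Added example: check from a CM or CD server whether the AD server is
# reachable on the two ports named in this post.
param(
    [string]$AdServer  = 'dc01.example.local',  # placeholder: use your AD server's FQDN
    [int]   $TimeoutMs = 3000                   # assumed timeout per port
)

# Port descriptions follow the post: 445 is the port the Profile provider needs.
$checks = @(
    @{ Port = 389; Use = 'LDAP' },
    @{ Port = 445; Use = 'Needed by the Profile provider' }
)

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs)

    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($HostName, $Port)
        # No answer within the timeout usually means a firewall dropped the packets.
        if (-not $task.Wait($TimeoutMs)) { return 'Timeout (no response)' }
        return 'Open'
    }
    catch {
        # Wait() wraps the socket error; unwrap to the innermost exception.
        $inner = $_.Exception.GetBaseException()
        if ($inner -is [System.Net.Sockets.SocketException] -and
            $inner.SocketErrorCode -eq 'ConnectionRefused') {
            return 'Refused (host reachable, port closed or rejected)'
        }
        return "Failed: $($inner.Message)"
    }
    finally {
        $client.Close()
    }
}

foreach ($c in $checks) {
    [pscustomobject]@{
        Target = $AdServer
        Port   = $c.Port
        Use    = $c.Use
        Result = Test-TcpPort -HostName $AdServer -Port $c.Port -TimeoutMs $TimeoutMs
    }
}
```

Run it on each CM and CD server, since it only tests the outbound direction from the machine it runs on. If 389 is open but 445 is not, that matches the case described above where an LDAP browser connects but the Profile provider cannot.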