How to Fix Error – LDAP Server is Unavailable?
Summary: The 'LDAP server is not available' error may prevent you from performing any task that requires connectivity to the Domain Controller or Active Directory Server. It may occur when you try to install an Exchange Server Cumulative Update or to register or renew the edge subscription. In this blog, we share solutions that you may follow to resolve the error message.
Lightweight Directory Access Protocol (LDAP) is a protocol used to access directory servers that store user credentials and other data, such as usernames, passwords, and email addresses, and to authenticate users before allowing access to various files and features on the server.
In Exchange Server, the administrator can set up Active Directory Domain Services (AD DS) or opt for Active Directory Lightweight Directory Services (AD LDS), an LDAP directory service that has no dependency on AD DS.
Although AD LDS provides only a subset of AD DS capabilities, this makes AD LDS lighter, leaner, and independent. It allows you to run multiple instances of AD LDS on a single computer, with an independent schema for each instance, without integrating with the existing Active Directory.
However, many administrators using AD LDS have reported encountering the ‘LDAP server is unavailable’ error while installing the Microsoft Exchange Server Cumulative Updates. The error reads as follows:
"An Active Directory error XXXX occurred when trying to check the suitability of server 'DomainController.YourDomainName.net'. Error: 'Active directory response: The LDAP server is unavailable.' ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable."
In this article, we have shared some solutions that you can try to resolve the ‘LDAP server is unavailable’ error message.
Windows Firewall may block connections while you update or upgrade the server. You can disable the Firewall temporarily to finish the upgrade and then enable it again. Ideally, you should never disable Windows Firewall on Exchange Server, but situations like this sometimes call for it. Disabling Windows Firewall temporarily won’t cause a major issue, because the system remains protected by the network firewall, but re-enabling Windows Firewall once the upgrade is finished is also critical.
If you don’t want to disable Windows Firewall temporarily, check that the Windows and network firewall rules allow the traffic Exchange needs. This will help you finish the upgrade or update without encountering connectivity issues with the LDAP (AD LDS) server.
Check DNS Resolution
DNS issues or incorrect DNS settings can prevent the Exchange Server from reaching the Domain Controller or the Active Directory LDS server, leading to the ‘LDAP server is unavailable’ error.
You can perform a DNS check by using the following command in the Command Prompt window:
nslookup
set q=mx
DomainName.com
Check the output for discrepancies and fix them.
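The firewall and DNS checks above can be combined into one test run from the Exchange server. The following is an added example, not part of the original article: it assumes an AD DS domain (AD LDS instances do not register these SRV records and may listen on other ports), and the function name and `DomainName.com` are placeholders.

```powershell
# Added example: Test-LdapReachability and 'DomainName.com' are illustrative names.
function Test-LdapReachability {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$DomainName,
        # 389 = LDAP, 636 = LDAPS, 3268 = Global Catalog, 3269 = Global Catalog over TLS
        [int[]]$Ports = @(389, 636, 3268, 3269),
        [int]$TimeoutMs = 3000
    )

    # Domain controllers register this SRV record; clients locate them through it.
    $srvName = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop |
            Where-Object { $_.Type -eq 'SRV' }
    } catch {
        Write-Warning "No SRV answer for ${srvName}: $($_.Exception.Message)"
        return
    }

    foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
        # A target with no address record is a DNS fault, not a firewall fault.
        $addr = Resolve-DnsName -Name $dc -ErrorAction SilentlyContinue |
            Where-Object { $_.IPAddress } | Select-Object -First 1

        foreach ($port in $Ports) {
            $open = $false
            if ($addr) {
                $client = [System.Net.Sockets.TcpClient]::new()
                try {
                    # Wait() returns $false on timeout and throws when the port is refused.
                    $open = $client.ConnectAsync($dc, $port).Wait($TimeoutMs) -and $client.Connected
                } catch { $open = $false }
                finally { $client.Dispose() }
            }
            [pscustomobject]@{
                DomainController = $dc
                Resolves         = [bool]$addr
                Port             = $port
                Reachable        = $open
            }
        }
    }
}

Test-LdapReachability -DomainName 'DomainName.com' | Format-Table -AutoSize
```

A row with `Resolves` false points to DNS; a row with `Resolves` true and `Reachable` false points to a firewall rule or a service that is not listening on that port.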
Check the Exchange CU Prerequisites
The Exchange CU you are trying to install may have some prerequisites that you must install or configure before beginning the CU upgrade. If you try to install the CU without fulfilling the prerequisites, you may encounter the error ‘LDAP server is unavailable’ and issues during CU installation.
Visit the Exchange Servers build number page and click on the CU build to check the prerequisites. You may also use the Exchange Deployment Assistant to check all the prerequisites required to upgrade the CU.
Ensure the Exchange Server is Connected to Domain
Before upgrading, check the connectivity to your Active Directory Domain controller to prevent the ‘LDAP server is unavailable’ error. To test the connectivity to the AD LDS or Active Directory Domain Controller, you may use the AD Explorer.
We also recommend using LDP.exe, a Lightweight Directory Access Protocol (LDAP) client. It allows you to perform connect, bind, search, modify, and delete operations against AD. In addition, you can use it to view the objects stored in AD with their metadata and attributes.
To learn more and use LDP, refer to this Microsoft documentation.
Make Sure Global Catalog (GC) is enabled on the Server
Global Catalog must be enabled on the LDAP or AD LDS servers to avoid such errors. The steps are as follows:
- Open the Active Directory Sites and Services snap-in.
- Go to the nTDSDSA object (NTDS Settings) under the server object for the DC you want to enable the Global Catalog (GC) for.
- Right-click on NTDS Settings and choose Properties.
- Under the General tab, click the Global Catalog checkbox and click OK.
Once enabled, you may try again and update your Exchange Server.
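To confirm the setting from PowerShell, the following added example (not part of the original article) lists each domain controller with its Global Catalog flag and whether it is advertised as a GC in DNS. It assumes the ActiveDirectory module (RSAT) is installed; the function name is illustrative.

```powershell
# Added example: requires the ActiveDirectory module; Get-GlobalCatalogStatus is an illustrative name.
Import-Module ActiveDirectory

function Get-GlobalCatalogStatus {
    param([string]$ForestName = (Get-ADForest).Name)

    # Servers that currently advertise the Global Catalog role in DNS.
    $advertised = @(
        Resolve-DnsName -Name "_gc._tcp.$ForestName" -Type SRV -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'SRV' } |
            ForEach-Object { $_.NameTarget.ToLower() }
    )

    foreach ($domain in (Get-ADForest -Identity $ForestName).Domains) {
        Get-ADDomainController -Filter * -Server $domain | ForEach-Object {
            [pscustomobject]@{
                DomainController = $_.HostName
                Site             = $_.Site
                # Reflects the Global Catalog checkbox on NTDS Settings.
                GcEnabled        = $_.IsGlobalCatalog
                # True once the server's _gc SRV record is registered.
                GcInDns          = $advertised -contains $_.HostName.ToLower()
            }
        }
    }
}

Get-GlobalCatalogStatus | Sort-Object Site, DomainController | Format-Table -AutoSize
```

A server showing `GcEnabled` true but `GcInDns` false has the option set but is not yet advertised as a Global Catalog in DNS, so clients will not locate it for GC queries.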
To Wrap Up
In this article, we shared some solutions to help you fix the ‘LDAP server is not available’ issue. However, if these solutions don’t resolve your issue, you can set up a new server with the latest Cumulative Update and move the mailbox database from the old server to this newly upgraded server. If the database storing the mailboxes is inaccessible or damaged, or the server has stopped working, you can use Exchange server recovery software, such as Stellar Repair for Exchange, to repair the database on the existing server and export the recovered mailboxes directly to the new server in a few clicks. The software auto-maps source and destination mailboxes and provides an option to create new mailboxes directly from the software interface, allowing you to restore user mailboxes and resume Exchange services quickly.