Article ID: 6480, created on Jun 26, 2009, last review on May 9, 2014

Symptoms

Creation of Service Container fails with the following error:

Adding group 'Parallels Infrastructure Manager Users'
[ERROR -7] Failed to add group - Failed to initialize the database: LDAP connection error: 81, Server Down

Cause

There could be several reasons of the issue:

  1. Service Container is created with IP address already assigned to Hardware Node or another CT;
  2. Windows Firewall inside Service Container blocks LDAP ports;

Resolution

Solutions:

  1. Use another IP for Service Container or let the wizard assign IP automatically. Make sure vzsveaddress resolves to the IP of the service container from the hardware node, and that the host is reachable. For instance, if the IP of the service container is 10.10.10.10 , this can be done by appending the following to C:\WINDOWS\system32\drivers\etc\hosts:

    10.10.10.10 vzsveaddress
    
  2. Open required ports or disable firewall inside Service Container.

NOTE: You need to run the below commands on the hardware node during service container creation.

Open command prompt on the node and issue one of the following commands as soon as SCT is created and starts installing components:

To open required LDAP ports:

  • For Windows Server 2003:

    vzctl exec --skiplock 1 netsh firewall set portopening protocol=TCP port=4450 name="ADAM and PIM authorization 4450"
    vzctl exec --skiplock 1 netsh firewall set portopening protocol=TCP port=4452 name="ADAM and PIM     authorization 4452"
    
  • For Windows Server 2008:

    vzctl exec 1 netsh advfirewall firewall add rule name="OpenPort 4450" dir=in action=allow protocol=TCP localport=4450
    vzctl exec 1 netsh advfirewall firewall add rule name="OpenPort 1452" dir=in action=allow protocol=TCP localport=4452
    

Or to disable firewall inside SCT:

vzctl exec --skiplock 1 net stop sharedaccess

Also ipsec can cause issues too, stop it using this command:

vzctl exec --skiplock 1 net stoppolicyagent

319940068c5fa20655215d590b7be29b c9ea6ca1b35b3385431f406f1be737be 2897d76d56d2010f4e3a28f864d69223

Email subscription for changes to this article
Save as PDF