RE: sametime proxy ldap, CWWIM4520E Ben Williams 20.Nov.15 09:38 AM Lotus Notes Sametime Standard 9.0 Windows
Hi. The STProxy application doesn't need access to LDAP; that's handled by the Community server, but it seems that WAS does need access. WAS may not be querying LDAP; rather, WAS will try to connect with any LDAPs in wimconfig.xml through federated repositories. If it cannot reach the LDAP server, it will continue on its merry way after throwing an exception.
I cut access to the LDAP servers for my RHEL test deployment and on stopNode I saw socket timeout exceptions but the node agent did stop as I was using a local account (wasadmin) to stop the node agent.
If I was using an LDAP account then the outcome may have been different.
If you cannot open 389 for security reasons, then try all scenarios: do the node agent and app server start and stop OK? If so, then leave 389 blocked. If it doesn't matter, then just open it to keep your logs cleaner.
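
An added example, not part of the original post: a small Python check that lists the LDAP endpoints a wimconfig.xml would make WAS try to contact, and tests whether each is reachable from the node. It assumes LDAP repositories list their servers as `connections` elements with `host` and `port` attributes; the sample XML, hostnames and function names are constructed for illustration.

```python
import socket
import sys
import xml.etree.ElementTree as ET

# Constructed sample, not taken from a real cell. Assumed layout: each LDAP
# repository lists its servers as <connections host=... port=...> elements.
SAMPLE_WIMCONFIG = """
<config:configurationProvider
    xmlns:config="http://www.ibm.com/websphere/wim/config"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <config:repositories xsi:type="config:FileRepositoryType" id="InternalFileRepository"/>
  <config:repositories xsi:type="config:LdapRepositoryType" id="ldap1">
    <config:ldapServerConfiguration>
      <config:ldapServers>
        <config:connections host="ldap1.example.com" port="389"/>
        <config:connections host="ldap2.example.com" port="389"/>
      </config:ldapServers>
    </config:ldapServerConfiguration>
  </config:repositories>
</config:configurationProvider>
""".strip()

def _local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def ldap_endpoints(xml_text):
    """Return (repository id, host, port) for every configured LDAP server."""
    out = []
    for repo in ET.fromstring(xml_text).iter():
        if _local(repo.tag) != "repositories":
            continue
        for el in repo.iter():  # file-based repositories have no connections
            if _local(el.tag) == "connections" and el.get("host"):
                out.append((repo.get("id", "?"), el.get("host"), int(el.get("port", "389"))))
    return out

def reachable(host, port, timeout=3.0):
    """True if a TCP connection opens; DNS failure, refusal, timeout give False."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def report(xml_text, probe=reachable):
    return [(rid, h, p, probe(h, p)) for rid, h, p in ldap_endpoints(xml_text)]

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_WIMCONFIG
    for rid, h, p, ok in report(text):
        print(f"{rid}: {h}:{p} {'reachable' if ok else 'blocked or down'}")
```

Pass the path to the cell's wimconfig.xml as the first argument to check a real configuration; with no argument it runs against the constructed sample.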