Active Directory connection problem

Hi,

 

Is there are any log file for connecting with AD?

At the moment i can't figure out what is the problem. Just plain error: "Could not connect to the domain server. Check that you entered all necessary information correctly."

 

I know my credentials work. And if i try to put wrong password i get: "Could not complete authentication. Check taht user name and password are correct."

 

Domain server is: servername.domain.local

Username: domain\username

 

FSPM server and console version: 12.10.74204
PS! Tried previous version (12.00) also, but no luck.

 

Any help?

 

 

Best Answer

  • vorkavorka Posts: 8
    Accepted Answer
    I got it working using LDAPS address. ldaps://ip.of.dc:636
    MarkoMård

Comments

  • etomcatetomcat Posts: 1,318 Superuser

    Hello,

     

    Does it work with the IP address for one of the AD servers?

     

    Yours Sincerely: Tamas Feher, Hungary.

  • vorkavorka Posts: 8

    No, same error: "Could not connect to the domain server. Check that you entered all necessary information correctly."

  • vorkavorka Posts: 8

    How can i troubleshoot the connection between policy server and AD?

    Tried without firewall - no luck. Policy server is seraver 2012 R2, added to domain.

  • geremagerema Posts: 23

    Could you please ensure you have sufficient rights to query Active Directory from the root level.

  • vorkavorka Posts: 8
    Yes, i am using domain admin account!
  • vorkavorka Posts: 8

    As you can see, all the info is correct:

     

    fsecure_ad_error.png

     

    IP of DC:

    fsecure_ad_dc_ip.png

     

    User has domain admin rights:

    fsecure_ad_user_rights_.png

     

    And if i test with wrong password, i get different error. Therefore communication to AD is working:

    fsecure_ad_error_wrong_pass.png

     

    So where do i look for error logs?

     

    Best regards

    Andri

  • geremagerema Posts: 23

    Hello Andri,

     

    Please, check <F-Secure installation folder>\Administrator\lib\Administrator.error.log

    etomcatButa
  • vorkavorka Posts: 8
    OK, got some useful info from admin log file:

    at java.lang.Thread.run(Thread.java:745)
    Caused by: javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1 ]
This discussion has been closed.