Data Center Security

 View Only

  • 1.  Active Directory could not be validated !

    Posted May 22, 2015 04:18 AM

    Hello forumers,

    I'm getting the above error message when I try to add a new active directory server configuration. I've tried the hostname and IP. I've tried secure and insecure. Client firewall is off and there doesn't seem to be any issues with authentication elsewhere.

    The error code isn't particularly verbose. Is there an additional log file I can look at or a trace I can run to find out more information?



  • 2.  RE: Active Directory could not be validated !
    Best Answer

    Posted May 22, 2015 01:03 PM

    The logs for this are located in the sis-server.0.log or the sis-console.0.log, you may need to increase the log level in the sis-server.properties file in the Tomcat/Conf folder.

    I have had problems with adding an AD server for authenticating users into the DCS console.  Did you try using a Domain name instead of a specific AD server hostname?

    One thing to try is run "echo %logonserver%" to see what machine the DCS manager is currently using for authentication, that may help.



  • 3.  RE: Active Directory could not be validated !

    Posted May 26, 2015 06:27 AM

    Thanks Chuck! That was excellent.

    I found my answer with the default logging level in the sis-console.0.log file. If you're having the same issue, search for "Error validating AD Server" and you will find the log entry. My issue seems to be a credentials issue as I am getting an error code that relates to invalid credentials (52e). Here is a table of common codes:

     

    Common AD LDAP codes
    Code Meaning
    525 User not found
    52e Invalid credentials
    530 Not permitted to logon at this time
    531 Not permitted to logon at this workstation
    532 Password expired
    533 Account disabled
    534 The user has not been granted the requested logon type at this machine
    701 Account expired
    773 User must reset password
    775 User account locked