I'm using ePO 4.5 and EEPC v6. I have created a group in AD and put AD accounts into the group. I have then added this group as Encryption users on a client PC. I can then successfully do an LDAP synchronisation on the ePO server, and the correct accounts are pushed onto the client PC.
However, if certain AD accounts are members of the AD group, the LDAP sync fails. The task log just says it is starting to synch the AD group, and then the task finishes. The orion.log says, "ERROR [mfsool-2-thread-2] scheduler.Engine - task [LDAP sychronisation] failed with exception
java.util.concurrent.ExecutionException: com.mcafee.orion.core.cmd.CommandException: Wrong LDAP server connection supplied".
I can't find any pattern for which AD accounts sync OK and which fail.
Any thoughts on where the problem lies would be greatly appreciated.
Yes, the Test Connection is successful every time. The LDAP synchronisation works successfully too. But if I add, for instance, my AD account to the AD group being synchronised, the sync fails. If I remove my account from the group, the sync works again. There is something about my AD account, and certain other AD accounts, that the LDAP sync process does not like, and it aborts.