I've hit the same snag - only problem is, when I do add the domain.suffix\bindusername - the sync is not successful- - thus creating a catch 22, I can't get the state to active, and I can't change the sync to get it correct - because that breaks the sync. I've not been able to fiddle around this at all.Message was edited by: bjorn.nilsson
That is more or less correct, example:
domain name : sub.domain.net
(or choosing server name: dc.sub.domain.net )
user name:sub.domain.net\account does not work
user name:account works <- but generates the error-code described in this thread.
Try to use Windows domain name. Use "Test Connection" button to test connection to your LDAP server.
Is your ePO server on the same domain as AD?
Can you view all single user accounts from AD domain when you trying to add new EE user to your test system (PC)?
It is via the test connection I established the scenarios above.
The epo-server should reside within the same domain as the LDAP-quieries are polling against.
Yes, I can browse and add users/groups/OU's when assigning to computer/computers - and add.
The error-code comes within the time the agent tries to grab the policies for the user-part.
I've never came across the same issue with similar (identical) setups before, nor in the lab.
The errorcode in question that made me end up on this thread:
YYYY-M-D 12:25:9,691 DEBUG MfeEpeHost From uuid = [UID-STRING] From Service = To uuid = To Service = MfeEpeServiceDCServer Message = <element xsi:type="ns1CDataMsg"><sendTo serviceName="MfeEpeServiceDCServer" xsi:type="ns1:MfeEpeAddress"></sendTo><name>EEADMIN_1000_UsersAndMachineIDExc</name><data>
<message>com.mcafee.orion.core.ui.InvalidParameterException: There were invalid parameters when trying to get user policies.</message>
YYYY-M-D 12:25:9,694 ERROR EpoPlugin [0xEE000005] Failed to deserialize type
Thus, making me end up again with a scenario that I cannot change the LDAP-connection, because it will not work if I do - but, if I don't the poll for user policies will never run correctly..Message was edited by: bjorn.nilsson on 5/4/10 1:33:26 PM CDTMessage was edited by: bjorn.nilsson - code-tags. on 5/4/10 1:34:15 PM CDTMessage was edited by: bjorn.nilsson - no codetags.. on 5/4/10 1:35:39 PM CDT
Policies are configured and enforced, and it's not a VM - and look above for my answer regarding the domain\user format.
I might have found an inconsistency with assigning a policy with a user/group (bad spelling). Waiting for result on that. Still, I cannot use the format
needed when creating the 'server connector'..
Message was edited by: bjorn.nilsson on 5/5/10 4:59:37 AM CDTMessage was edited by: bjorn.nilsson on 5/5/10 7:06:55 AM CDT
I think that error is not harmfull, there are other deficiences that make your EE inactive.
Please step through installation procedure and read recent posting on the same topic.Message was edited by: peter_eepc on 5/4/10 3:39:40 PM EDT