1 Reply Latest reply on May 24, 2012 4:12 AM by JoeBidgood

    EPO 4.6.1 Active Directory Synchronization fails


      Im using EPO 4.6.1 (build 1192).

      Im having a problem with Active Directory sychronization.


      Task log shows:

      Synchronization point XXXX failed to connect to active directory server XXXX, user: XXXX.


      Orion log shows:

      Error [msf:pool-2-thread-3] scheduler.Engine  - Active Direcory/NT Domain Synchronization failed with exception

      java.util.concurrent.ExecutionException: com.mcafee.orion.core.cmd.CommandException: Error, all sync points failed to synchronize.

           at java.util.concurrent.FutureTask$Sync.innerGet(FutureTask.java:222)



      EpoApSvr log shows:

      EPOJNI     Failed to get the primary Agent Handler key.

      EPOJNI     Failed to get the primary Agent Handler key.

      NAISIGN     Failed to decrypt buffer due to invalid parameters.

      EPOLDAP     Failed to decode and decrypt the LDAP server password.

      EPOLDAP     Connected to Server 'XXXXXXXXXXXX' resolved from 'XXXXXXXXX'

      EPOLDAP     Bind failed, error = Invalid Credentials (49), user XXXXXX, server XXXXXXXX, port 389.



      I double checked the user and password, works fine.

      Tried other credentials, problem persists.


      I checked that the user name for AD server in Registered Servers has the domain listen in front of it - which it does.

      I have also tested the connection in Registered Server which connects fine.


      Packet sniffing shows the LDAP server does indeed respond with "invalidCredentials" (that also means no firewall blocking the connection).


      Restarting the services did not solve the problem.


      AD Sync just fails instantly.



      Any ideas?





      on 5/23/12 6:19:14 PM CDT