I have an ePO server running 4.6.2 that was just moved to a new server. I followed the steps outlined here https://kc.mcafee.com/corporate/index?page=content&id=KB51438 and made backups of all of the files, renamed the server and kept the same IP. It seems that I missed something as I can no longer synchronize my System Tree with AD. Previously I had the synchronization pointing directly at one of our domain controllers servers and replication was perfect. After the move this no longer worked. I tried to re-create this setup but was unable to connect to the AD tree to select a container that would be synchronized. To resolve that issue I setup a LDAP server to the same domain controller, which tests fine, and used the LDAP setting for the synchronization. Using the LDAP server I was then able to select a container and finish the replication setup. Upon running this task a failure message appears in the server task log instantly. The reason that is reported for the failure is below:
"Synchronization point "XXXXX" failed to connect to the active directory server XXXDC03, user: null\null" The user null\null is what ePO is reporting.
In the EpoApSvr.log this gets reported.
20120803120604 E #02856 NAISIGN Failed to decrypt data. Error=-2146893819
20120803120604 E #02856 NAISIGN Failed to decrypt data. Error=Bad Data (-2146893819)
20120803120604 E #02856 EPOJNI Failed to decrypt using the certificate.
20120803120604 E #02856 EPOJNI Failed to decrypt the agent handler key.
20120803120604 E #02856 EPOJNI Failed to get the Primary Agent Handler Key.
20120803120604 E #02856 NAISIGN Failed to decrypt buffer due to invalid parameters.
20120803120604 E #02856 EPOLDAP Failed to decode and decrypt the LDAP server password
20120803120604 I #02856 EPOLDAP Connected to Server 'XX.XX.XX.XX' resolved from 'XX.XX.XX.XX'
20120803120604 E #02856 EPOLDAP Bind failed, error = Invalid Credentials (49), user XXXX\adminXXX, server XX.XX.XX.XX, port 3268
This points me to the certs but I moved all of these from the original server as per the ePO server move document in KB51438.