4 Replies Latest reply on Sep 15, 2015 1:14 AM by lnurmi

    Active Directory Connection Issue?

    totti10

      Hi,

       

      I have this problem when checking AD connectivity:         

      Ad_Connectivity.jpg

      Actually, i successful retrieve all user in AD, but it too slow to display in the User tree @@.

       

      Does anyone have any idea about this issue?

       

      Thanks and Regards!

        • 1. Re: Active Directory Connection Issue?

          Hello

           

          I would check the management server traces from installation directory/tmp/, and perhaps packet captures to see what goes wrong and at what end. If issue persists I recommend opening an SR for a full investigation.

          • 2. Re: Active Directory Connection Issue?
            totti10

            Hi,

            I found some logs, but not sure what's the issues is:

            E!com.stonesoft.h2a.mgtserver.ldap.accessor WARN [2015-09-08 11:18:30,792] [RMI TCP Connection(20)-10.0.1.1] [am.f UW:1:2:Admin:en TX] {{DB,CLIENT}}

            M!Ignore reference on subsequent LDAP servers: Unprocessed Continuation Reference(s) while browsing dc=xx,dc=com

             

             

            E!com.stonesoft.util.rmi.exception INFO [2015-09-08 11:18:47,339] [RMI TCP Connection(8)-10.0.1.1] [] {}

            M!public abstract od com.stonesoft.h2a.mgtserver.persistency.am.f(od)

            com.stonesoft.util.a.d: LDAP user domain xx.com is not reachable.

              at com.stonesoft.h2a.mgtserver.ldap.ai.a(ai.java:82)

              at com.stonesoft.h2a.mgtserver.ldap.ai.i(ai.java:59)

              at com.stonesoft.auth.h.k.restore(k.java:40)

              at com.stonesoft.h2a.mgtserver.persistency.u.f(u.java:86)

              at sun.reflect.GeneratedMethodAccessor132.invoke(Unknown Source)

              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.ja va:43)

              at java.lang.reflect.Method.invoke(Method.java:483)

              at com.stonesoft.util.f.g.a(g.java:7)

              at com.stonesoft.util.f.h.a(h.java:36)

             

             

            Thanks and Regards!

            • 3. Re: Active Directory Connection Issue?
              thyvarin

              Hi,

               

              With quick google search the first warning looks to be related to LDAP referrals:

              http://stackoverflow.com/questions/12222869/need-elaboration-on-unprocessed-cont inuation-reference

               

              The second message tells that LDAP domain is not reachable. Could it be that AD gives referral for this domain on different AD server, and management server don't have LDAP connectivity to that AD server?

               

              BR,

              Tero

              • 4. Re: Active Directory Connection Issue?
                lnurmi

                I'd check what Tero mentioned. But also check that the base DN in your AD server element matches to what is found in the AD. Maybe there's a typo and you get referral error because of that. I've also seen that it can be case-sensitive, so check that the base DN in SMC and the DN in AD match case-wise too.

                 

                - Lauri