Stumped on AD Synchornization for Groups

I just updated to the new version of 3.039 Server/Remote Admin.. I am wanting to do a synchronization to the LDAP of Active Directory.. I have verified I can BIND to the LDAP from the credentials I am using using LDP.

I go into Tools
Server Options
Other Settings
Edit Advanced Settings
Click + next to Setup under ERA Server
Click + next to Active Directory

Under By Groups/AD Sync create I left to default option
Under Active Directory Server I have ldap://FQDN
Active Directory username: domain\useraccount
AD Password: The password for the account associated with above

I have reset the password again to make sure it was not that.. I used my own Domain Credentials which is a Enterprise Admin in Active Directory.

As stated above I can BIND to the ldap using a 3rd party tool

However, my Domain Controllers are Windows 2008 Server which shouldn't matter because it's LDAP V3 still IIRC..

Here is the Screenshot for the error message i get when I hit Ctrl + G to go into Groups Editor.


http://www.bradtechonline.com/eseterror.jpg
__________________

 

Log file

[2009-01-08 10:59:09.869] V2 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_DEBUGINFO> Synchronize Active Directory Groups starting...
[2009-01-08 10:59:09.885] V1 [49662a890000] [00001610] <ACTIVE_DIRECTORY_ERROR> GroupParserInit: failed, step: 10, code: 0x80005000, description: An invalid ADSI pathname was passed.
[2009-01-08 10:59:09.885] V1 [49662a890000] [00001610] <ACTIVE_DIRECTORY_ERROR> CompOrgADSISearcherProceedOrgSearch: failed, step: 1, code: 0x80004005, description: Unspecified error
[2009-01-08 10:59:09.885] V1 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_ERROR> Cannot parse active directory groups.
[2009-01-08 10:59:09.885] V2 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_DEBUGINFO> Synchronize Active Directory Groups finished, took 16ms.
[2009-01-08 10:59:09.885] V2 [49662a9d0016] [00001610] <SESSION_ERROR> ConsoleProcessRequest: C2S_GROUP_SYNCHRO: an error occurred by the synchronization, code (2,0,0), lasterror 0
[2009-01-08 11:06:36.520] V1 [4966329c0293] [000015c4] <NOTIFICATION_ACTION_INFO> Completed task
[2009-01-08 11:37:08.529] V2 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_DEBUGINFO> Synchronize Active Directory Groups starting...
[2009-01-08 11:37:08.529] V1 [49662a890000] [00001610] <ACTIVE_DIRECTORY_ERROR> GroupParserInit: failed, step: 10, code: 0x80005000, description: An invalid ADSI pathname was passed.
[2009-01-08 11:37:08.529] V1 [49662a890000] [00001610] <ACTIVE_DIRECTORY_ERROR> CompOrgADSISearcherProceedOrgSearch: failed, step: 1, code: 0x80004005, description: Unspecified error
[2009-01-08 11:37:08.529] V1 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_ERROR> Cannot parse active directory groups.
[2009-01-08 11:37:08.529] V2 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_DEBUGINFO> Synchronize Active Directory Groups finished, took 0ms.
[2009-01-08 11:37:08.529] V2 [49662a9d0016] [00001610] <SESSION_ERROR> ConsoleProcessRequest: C2S_GROUP_SYNCHRO: an error occurred by the synchronization, code (2,0,0), lasterror 0
[2009-01-08 11:53:57.740] V1 [49662a890000] [000015bc] <UPDATER_ERROR> Update failed, code: 4, aditional code 0x2201, aditional description UPDATE_VER_IS_EMPTY
[2009-01-08 12:50:29.769] V2 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_DEBUGINFO> Synchronize Active Directory Groups starting...
[2009-01-08 12:50:29.769] V1 [49662a890000] [00001610] <ACTIVE_DIRECTORY_ERROR> GroupParserInit: failed, step: 10, code: 0x80005000, description: An invalid ADSI pathname was passed.
[2009-01-08 12:50:29.769] V1 [49662a890000] [00001610] <ACTIVE_DIRECTORY_ERROR> CompOrgADSISearcherProceedOrgSearch: failed, step: 1, code: 0x80004005, description: Unspecified error
[2009-01-08 12:50:29.769] V1 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_ERROR> Cannot parse active directory groups.
[2009-01-08 12:50:29.769] V2 [49662a9d0016] [00001610] <ACTIVE_DIRECTORY_DEBUGINFO> Synchronize Active Directory Groups finished, took 16ms.
[2009-01-08 12:50:29.769] V2 [49662a9d0016] [00001610] <SESSION_ERROR> ConsoleProcessRequest: C2S_GROUP_SYNCHRO: an error occurred by the synchronization, code (2,0,0), lasterror 0

 

Could it be that you didn't write LDAP:// or GC:// in uppercase?

It has to be in uppercase in order to work.

 

You need to reinstall ERA, from scratch.

No seriously, this is the fix, because no one from ESET helped me when I had this problem because they didn't know what the problem was.

Turns out for me, reinstalling fixed the problem and now it works fine!

Works OK in the old version, but for some reason screws up when you perform the upgrade to v3.

Would be nice to hear some sort of official word from ESET though rather than telling people to reinstall - not exactly the most friendly fix, but hey it works!

ESET...?

 

Hi,

anyone else noticed that the password for AD sync is not being remembered when setting it through server option -> other -> advanced settings.

I enter a valid password there, policy branch changes blue. Press OK, save the policy. Press OK in the server options screen. Open server options again, view setting and the AD password is set to 'not set' again.

I'm unable to sync with AD due to this.

Any ideas?

Franc.

 

I'm glad to see I'm not the only one with this problem. Just starting to configure the RA and this is the first problem I've hit. I guess I can bypass it for now though.

As for the groups, I had the same error as the first post until I connected a pc I'd used to test NOD32 to the RA server manually and then the relevant groups for that pc became available when I reran the AD group Sync. I'm assuming therefore that the groups are only visible for pc's that have are connected to the RA