Skip to main content

 

Druva Documentation

Troubleshooting AD connector errors

This article applies to:

  • OS: Windows 2008 R2 and later
  • Product edition: inSync Cloud

Problem description

  • AD connector shows disconnected on the inSync Management Console and generates authentication error message in the log file.
  • AD connector configured for inSync shows “connected” on the console, but C:\inSyncADConnector.log file keeps on increasing in size.

Causes

  1. AD credentials for the AD connector have expired and need to be resubmitted. You will see AD connector status as ‘Not Connected’ or invalid credentials prompt when trying to import Users in AD mapping as shown below:

    ADConnector.png

    CredentialMessage.png
     
  2. If AD connector setup is running on a server hosting other applications that share the same port with AD connector, such as port 443. There is a conflict for network communication which impacts the AD connector functionality.

Traceback

Since AD connector maintains a persistent connection with the Cloud Master (for inSync Cloud), it will generate an error log due to interference if it has to share its communication port with any other application. The error logs are generated even while the AD connector appears connected.
The following errors are logged  in the inSyncADConnector.log file:

[ERROR] Error <class 'socket.error'>:[Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions. Traceback -Traceback (most recent call last): 
File "inSyncLib\inSyncRPCServer.pyc", line 351, in serve_forever 
File "socket.pyc", line 224, in meth 
error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions 

 

Multiple entries of the following type are logged in the graylogs:
[ERROR] CFGID-XX ADConnector not found. Rejecting auth. :_ adcid=XXXX cid=XXXX _:

Resolution

To resolve AD connector authentication issue:

 

  1. Login to the AD connector server.
  2. Launch the Druva AD connector application.

    ADConnectorApp.png
  3. Click Manage AD accounts and enter the credentials.
  4. Click Save. 
  5. On the inSync Management Console, verify if the AD connector is connected and can import new users.

In certain cases, you may have to provide credentials on the Cloud.

 

To resolve errors due to sharing the same port for communication:

  1. Login to inSync Management Console and go to Settings > Connectors tab.
  2. Select the AD connector and click Get Registration key.
  3. Copy the registration key.

    ADGenKey.png
  4. Login to the inSync AD connector server and launch the Druva inSync AD connector application.
  5. Click Change registration key and paste the registration key copied earlier.

    ADChangeKey.png
  6. Click Register and check if error logs are generated in the inSyncADConnector.log file.

    ADConnectorConnected.png
  7. If error logs are generated:
    1. Open the command prompt with administrator privileges.
    2. Run the following command to open the List-port.txt file on the D drive.

      netstat -ano >List-port.txt
    3. In List-port.txt, check the applications sharing the AD Connector port for communication. 
    4. If there are multiple applications using the same port, check if their port number can be modified.
    5. If the application ports cannot be modified, install the AD connector on a new server where its communication port 443 is not shared by other applications.