Skip to main content
Druva Documentation

Troubleshooting inSync Connector errors

This article applies to:

  • OS: Windows 2008 R2 and later
  • Product edition: inSync Cloud

Overview

This article provides the resolution steps for errors occurring in inSync Connectors. 

Problem description: inSync Connector authentication issue

inSync Connector appears disconnected on the inSync Management Console but generates an authentication error message in the log file.

Cause

AD credentials for the inSync Connector have expired and need to be resubmitted. You will see inSync Connector status as ‘Not Connected’ or invalid credentials when trying to import Users in AD mapping as shown below:

ADConnector.png

CredentialMessage.png

Traceback

Since inSync Connector maintains a persistent connection with the Cloud Master (for inSync Cloud), it will generate an error log due to interference if it has to share its communication port with any other application. The error logs are generated even while the inSync Connector appears connected.
The following errors are logged  in the inSyncADConnector.log file:

[ERROR] Error <class 'socket.error'>:[Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions. Traceback -Traceback (most recent call last): 
File "inSyncLib\inSyncRPCServer.pyc", line 351, in serve_forever 
File "socket.pyc", line 224, in meth 
error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions 

 

Multiple entries of the following type are logged in the graylogs:
[ERROR] CFGID-XX ADConnector not found. Rejecting auth. :_ adcid=XXXX cid=XXXX _:

Resolution

To resolve AD connector authentication issue:

  1. Login to the inSync Connector server.
  2. Launch the Druva inSync Connector application.

    ADConnectorApp.png
  3. Click Manage AD accounts and enter the credentials.
  4. Click Save. 
  5. On the inSync Management Console, verify if the inSync Connector is connected and can import new users.

In certain cases, you may have to provide credentials on the cloud.

Problem description: Errors due to sharing the same port for communication

inSync Connector appears disconnected on the inSync Management Console but generates an authentication error message in the log file.

Cause

If inSync Connector setup is running on a server hosting other applications that share the same port with inSync Connector, such as port 443. There is a conflict for network communication which impacts the inSync Connector functionality.

Resolution

  1. Login to inSync Management Console and go to Settings > Connectors tab.
  2. Select the AD connector and click Get Registration key.
  3. Copy the registration key.

    ADGenKey.png
  4. Login to the inSync AD connector server and launch the Druva inSync AD connector application.
  5. Click Change registration key and paste the registration key copied earlier.

    ADChangeKey.png
  6. Click Register and check if error logs are generated in the inSyncADConnector.log file.

    ADConnectorConnected.png
  7. If error logs are generated:
    1. Open the command prompt with administrator privileges.
    2. Run the following command to open the List-port.txt file on the D drive.

      netstat -ano >List-port.txt
    3. In List-port.txt, check the applications sharing the inSync Connector port for communication. 
    4. If there are multiple applications using the same port, check if their port number can be modified.
    5. If the application ports cannot be modified, install the inSync Connector on a new server where its communication port 443 is not shared by other applications.

Problem description: inSync Connector Error - No AD servers mapped to this connector

Upon successful installation and configuration of the inSync Connector, clicking Manage AD Account displays the following error.

No AD Servers mapped to this connector. Please map appropriate AD Server details associated with this AD Connector on the Druva administration portal.

ADConnectorConfig.png

Cause

The AD account that will be used for the inSync Connector is not registered on the inSync Management Console.

Resolution

As a part of inSync AD Connector configuration, the account that will be used for the connector must be registered on the inSync Management Console. To register the service account to the cloud:

  1. Login to the inSync Management Console.

    ADLDAPMenu.png
  2. From the menu, go to Manage > Deployments > AD/LDAP and open the Accounts tab.

    NewADAccount.png
  3. Click Register AD/LDAP Account.

    RegisterAcDetails.png

Any update or change in the certificate of the LDAP used by the AD/LDAP server does not impact the inSync Connector's ability to effectively communicate with the AD/LDAP server using secure LDAP.