AD source is failing every couple of hours and also causing aggregation error

Hi All,
We have an AD source which is failing every couple of hours (seems like an intermittent issue). Initially the source will be in a healthy state and aggregation will be successful; however, after several hours, the source gets disconnected with an aggregation error. PFA.
Any thoughts on what might be the issue and how this can be fixed?

Thanks,

error received:

[ InvalidConfigurationException ] [ Possible suggestions ] Ensure that the DNS mapping is correct on your host. [ Error details ] Failed to connect to - dc=xyz,dc=xyz,dc=xyz : java.lang.Exception: [ERROR 1] Failed to connect to server:ldap://xxxx:636 - java.net.UnknownHostException: xxxx.xxx.com [ERROR 2] Failed to connect to server:ldap://xxxx.xyz.com:636 - java.net.UnknownHostException:xxxx.xyz.com

Account aggregation error:

[ERROR for domain - dc=XXXX,dc=xyz] sailpoint.connector.ConnectorException: java.lang.Exception: [ERROR 1] Failed to connect to server:ldap://xxxx.xxxx.com:636 - java.net.UnknownHostException:xxxx.xxxx.com [ERROR 2] Failed to connect to server:ldap://xxxx.xxxx.com:636 - java.net.UnknownHostException: xxxx.xxxx.com

hi @nidhipriya,

First of all, you need to check the communication between the systems. Verify the latency and availability.
Verify whether there are any network errors, and check the firewall configuration, if there is one.
Also, verify which server you are trying to connect to; try to put a list of servers or connect to the catalog server directly.
Check the communication and configuration of the IQService, if it is present.

This often happens when one of your virtual appliances is unable to connect to the target source.

I would try logging into each VA and run:

tb start
tb session
tb nc -zv -w 5 xxxx.xxxx.com 636

I would expect that you will find one of the VAs will fail.

On the server that fails, find the IP address of the AD server you are trying to connect to. Then run:

tb nc -zv -w 5 <IP Address> 636

If only the nc command with the dns name fails, check your DHCP/Static IP configuration for that VA.

If both nc commands fail, check with your network security team to see if you have a firewall issue.
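
The two nc checks from the answer above, repeated on a timer so the intermittent failure is caught with a timestamp. This is an added example, not part of the original post or of SailPoint's tooling; it assumes a shell where `nc` can be called directly, and the host name, IP, interval and log format are placeholders.

```shell
#!/usr/bin/env bash
# Added example: repeat the answer's two nc probes (DNS name, then raw IP) and
# log a timestamped verdict each round so an intermittent failure is captured.
# Host, IP, port, interval and log format are assumptions, not page values.

# Probe TCP reachability the same way the answer does: nc -z with a 5 s timeout.
probe() {  # usage: probe <host-or-ip> <port>; exit status 0 = port reachable
  nc -z -w 5 "$1" "$2" >/dev/null 2>&1
}

# Map the two probe exit codes to the conclusions given in the answer.
diagnose() {  # usage: diagnose <rc_by_name> <rc_by_ip>
  if [ "$1" -eq 0 ] && [ "$2" -eq 0 ]; then
    echo "OK"
  elif [ "$1" -ne 0 ] && [ "$2" -eq 0 ]; then
    echo "DNS: name fails, IP works; check DHCP/static IP and DNS settings on this VA"
  elif [ "$1" -ne 0 ] && [ "$2" -ne 0 ]; then
    echo "NETWORK: name and IP both fail; check firewall with network security"
  else
    echo "MISMATCH: name works, IP fails; the IP given may not be this server's"
  fi
}

# One round: run both probes and emit a single log line.
check_once() {  # usage: check_once <dns-name> <ip> <port>
  rc_name=0; rc_ip=0
  probe "$1" "$3" || rc_name=$?
  probe "$2" "$3" || rc_ip=$?
  printf '%s host=%s ip=%s port=%s %s\n' \
    "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$1" "$2" "$3" "$(diagnose "$rc_name" "$rc_ip")"
}

# Run only when a name and IP are supplied, e.g. (constructed values):
#   ./ldaps_probe.sh dc01.example.com 192.0.2.10 636 60 >> probe.log
if [ "$#" -ge 2 ]; then
  port="${3:-636}"; interval="${4:-60}"
  while true; do
    check_once "$1" "$2" "$port"
    sleep "$interval"
  done
fi
```

Comparing the timestamps of any DNS or NETWORK lines with the times the source went unhealthy shows whether the outage is on that host's name resolution or on the network path.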

Thank you, Alicia!
Will try

Thank you, Emanuele!
