When trying to do LDAP searches with ATA, I get the following errors:
2018-08-29 20:36:21.4675 6304 130 Error [DirectoryServicesClient+<SearchInternalAsync>d__29] Microsoft.Tri.Infrastructure.Utils.ExtendedException: LDAP search failed
[DomainControllerDnsName=<domaincontroller> IsGlobalCatalog=False DistinguishedName=CN=NTDS Settings,CN=<domaincontroller>,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=contoso,DC=local Scope=Base Filter= AttributeCount=14] ---> System.DirectoryServices.Protocols.DirectoryOperationException: The server is unavailable.
Server stack trace:
at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)
Exception rethrown at [0]:
at System.DirectoryServices.Protocols.LdapConnection.EndSendRequest(IAsyncResult asyncResult)
at Microsoft.Tri.Infrastructure.Extensions.LdapConnectionExtensions.<>c__DisplayClass0_0.<SendRequestAsync>b__0(IAsyncResult _)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchInternalAsync(?)
--- End of inner exception stack trace ---
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchInternalAsync(?)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchAsync(?)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchObjectsInternalSyncedAsync(?)
at Microsoft.Tri.Infrastructure.Extensions.TaskExtension.Await[TResult](Task`1 task)
at Microsoft.Tri.Infrastructure.Extensions.TaskExtension.<>c__2`2.<Cast>b__2_0(Task`1 _)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
at async Microsoft.Tri.Infrastructure.Utils.Syncer.RunAsync[](?)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchObjectsInternalAsync(?)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchObjectsAsync(?)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.SearchObjectAsync(?)
at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesResolver.UpdateDirectoryEntityChangesAsync(?)
at async Microsoft.Tri.Infrastructure.Framework.Module.<>c__DisplayClass30_0.<RegisterPeriodicTask>b__1(?)
at async Microsoft.Tri.Infrastructure.Extensions.TaskExtension.<>c__DisplayClass33_0.<RunPeriodic>b__0(?)
We have multiple ATA Gateways (Light and normal), and on all of them the LDAP sync doesn't work if I put them as domain sync candidates.
LDAP and LDAPS work on the domain controllers, as other applications / appliances can connect to the domain controllers.
I've also tried different kinds of certificates on the domain controllers (KSP/CSP certificates) - SHA256 with 4096-bit key length. Is there any way to maybe get a "better" error message which leads me to a source of the error?
I've also reinstalled all of the Gateways to rule out problems with the setup.
The only thing I haven't done is doing the Center from scratch, but that's something I want to hold off on until there's no other possibility.
I've also tried switching sync accounts to rule out problems with the account, but also with no results.
Does anyone have a tip on what I could do to remediate the situation?
Thanks in advance