0 votes

Hi,

We have a multi-domain forest with a root domain and three child domains. Adaxes is currently installed in one of these child domain and i would like to deploy a new Adaxes server in another child domain. I created a new service account in that domain but i have trouble installing adaxes with the share configuration option.
I provide the credential of the default service account used for the first Adaxes server but i have the following error during the install :

Product: Softerra Adaxes 2011.3 -- Failed to install the service ADAM instance.
Active Directory Lightweight Directory Services could not create the NTDS Settings object for this Active Directory Lightweight Directory Services instance CN=NTDS Settings,CN=APHKGRES02$AdaxesBackend,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={3EF8BA34-68C3-4543-AD9D-21F6778140D6} on the remote AD LDS instance EUMSQRES10.eu.loi.net:48880. Ensure the provided network credentials have sufficient permissions.
Error code: 0x800706be
The remote procedure call failed.

I tried disabling the firewall without luck. I don't know where to check so if you have a clue.

Thanks in advance

by (800 points)

1 Answer

0 votes
by (18.0k points)

Hello,

If you're sure that all ports are open, then this is likely to be a DNS issue.

Try using Telnet to access the computer where the Adaxes service is installed on port 135.

0

I tried several things :

I checked security event log and i have no blocked access.
I checked with adsiedit.msc the Adaxes LDS instance and i confirm that the problem arise o nthe NTDS Settings object. The installer create the CN=SERVERNAME$AdaxesBackend object but fails on creating the child NTDS Settings.
I tried to add SERVERNAME$ to Administrators role in LDS with no luck.

It becomes very difficult to delay the installation.

Thanks for your help.

0

Please launch the repadmin.exe tool on the computer where want to install the second instance of Adaxes service, and post the output here.

repadmin.exe /bind EUMSQRES10.eu.loi.net:48880 /u:domain\adaxesadmin /pw:secret

0

You point me to the right direction with the repadmin command.
Actually i checked RPC with RPCping, which was ok, but it seems that the test is not accurate enough.
Repadmin failed and that leads me to the following conclusion : that might be a network related problem.
Actually, we are using Cisco ASA firewall on each of our sites, and we had trouble sometimes ago with RPC. I asked to my network team to check that and they finally find an inspact map that was blocking RPC trafic.

It's working ok now.

Thanks for your help

0

That's great!

0

... and that's a great relief for our QA team ;)

Related questions

0 votes
1 answer

Hello! I have an environment with three separate forests. One has Exchange 2010, the second has Exchange 2013 and the third has Exchange 2016. These environments don't have a ... an internal CA. Somebody please help me because I feel like I"m going crazy.

asked Jan 11, 2018 by loliver (120 points)
0 votes
1 answer

Hi Everyone We have 3 Adaxes services set up around the globe and followed the MS SQL replication how-to (https://www.adaxes.com/help/EnableDatabaseReplication/) to then ... use their local SQL server and make use of the SQL replication setup? Thanks, Felix

asked Jul 24 by felix (150 points)
0 votes
1 answer

So we have a new domain , lets say @def.com. It's within our primary domain @abc.com...this was done due to a company split. What changed for our users were their ... operational. LDAP Server unavailable" If I use my @abc.com, it works. Please advise. thanks

asked Oct 1, 2013 by MeliOnTheJob (1.7k points)
0 votes
0 answers

We have a multiforest set up. One of the domains is a non hybrid. Whenever a user is created in that domain it gives an error saying- 'Property 'ms-exch-target- ... active Directory schema'. How can we write an exception while adding to that non-hybrid domain?

asked Oct 31, 2022 by Aishwarya Gavali (40 points)
0 votes
1 answer

I am looking for the option to be able to utilize this with a Multi-Domain/Multi-Tenant Environment. Provide specific managers on a specific domain under a client access, etc.

asked Nov 25, 2020 by dcenrage (20 points)
3,549 questions
3,240 answers
8,232 comments
547,820 users