Overview
The communication between Exinda and the Active Directory Connector fails with the following error:
[add.WARNING]: SOAP 1.1 fault: SOAP-ENV:Server [no subcode]#012"EOF was observed that violates the protocol. The client probably provided invalid authentication information."#012Detail: SSL_accept() failed in soap_ssl_accept()#012 from ::ffff:10.52.0.8
Root Cause
The AD Connector is a .NET application, therefore, is configured to use TLS1.0. To be able to see domain users in the Exinda reports, the AD (Active Directory) connector must communicate with Exinda (not TLS).
Resolution
Force .NET applications to not use TLS1.0 by making the following change in the registry on the server where the AD Connector is installed:
Add the key, SchUseStrongCrypto
and set the DWORD to 1 under the. NETFramework/v4.0.3019
key in the following 2 locations.
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]