Phone Lines icon GFI Support Home

Articles in this section

See more

Active Directory Connector is Not Visible on Exinda after Disabling TLS 1.0

Author: Central KB Updated

Overview

The communication between Exinda and the Active Directory Connector fails with the following error:

[add.WARNING]: SOAP 1.1 fault: SOAP-ENV:Server [no subcode]#012"EOF was observed that violates the protocol. The client probably provided invalid authentication information."#012Detail: SSL_accept() failed in soap_ssl_accept()#012 from ::ffff:10.52.0.8


Root Cause

The AD Connector is a .NET application, therefore, is configured to use TLS1.0. To be able to see domain users in the Exinda reports, the AD (Active Directory) connector must communicate with Exinda (not TLS).

Resolution

Force .NET applications to not use TLS1.0 by making the following change in the registry on the server where the AD Connector is installed:

Add the key, SchUseStrongCrypto and set the DWORD to 1 under the. NETFramework/v4.0.3019 key in the following 2 locations.

  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]

Related articles