Overview

While reviewing Users and Groups configuration, some network objects are displayed as a red cross.

The IP addresses are shown as empty.

In this scenario, Exinda is clustered (active-passive) and integrates with two Active Directories. Both AD have the Exinda Connector installed. The audit logs are activated in both Active Directories and the required event 4624 is presented.

This article provides details on how to resolve such AD synchronization issues.

Solution

1. On your AD servers, ensure the Success option is checked for 'Audit logon events' and 'Audit account logon events' properties. For more information please refer to AD usernames not mapping to IP addresses.
2. Make sure the Exinda Connector installed using a domain admin user so that there are no issues with permissions and also the 'admin' password is entered into the Exinda AD Connector tool.
   
3. In Exinda repropagate AD synchronization settings so the LDAP queries can try to fetch the updated User/Group details from the AD server:
   • using UI: Configuration > System > Network > Active Directory > press Renumerate button
     
   • using CLI execution: active renumerate all
     
     

     For more information, please refer to CLI: Active Directory.

Troubleshooting

If you still face issues, please gather the following logs from the Windows server and Exinda:

1. Active Directory connector logs
2. Windows Security event logs
3. Exinda Diagnostics: Configuration > System Diagnostics > Diagnostics > click on Generate Diagnostics. Wait for the Diagnostics to be generated and refresh the page after few minutes for the new sysdumps and click on the Sysdumps to download.