Secure Access AD sync failed

Darkmatter · ‎11-06-2024

We are in the process of setting up a POC with Secure Access but are facing an issue that is hard to understand what's wrong.
AD connector is trying to upload and sync some data to the cloud but is not able to, and eventually throws an error message.

Firewall policy for this specific machine is wide open to the internet to not accidently block traffic it shouldn't, still no go.

The error response is quite cryptic and doesn't tell much where to look at, the only hint i could see is the 400 error code, meaning the issue is on client side.

Any help would great appreciated and i guess some Cisco devs maybe need to jump in.

Ken Stieers · ‎11-06-2024

That looks like the API is returning a 400 error, so firewall isn't an issue.

Uptime is being sent as 65,3793755
And the code you're getting :float_invalid / "not a valid float"

So its ending the wrong type of data for uptime. The DC has probably been up 65 days? So maybe that should be a decimal point, not a comma?

Seems like a bug to me.

howe · ‎11-06-2024

TLDR; I dont know.

Are there any other errors or odd messages in the log? What you are seeing suggests that it is attempting to communicate with the API but sending empty data or something like that. Is it possible those traffic is going via a proxy? That can cause weird things to happen. Even if its the Secure Access proxy if it redirects for a SAML auth say over an IPsec tunnel. Does the same error occur from a different server? (I appreciate thats not always possible).

*edit* just read the first comment - thats a good spot on the date. Smells of epoch time, infact its close to the number of seconds since unix time began. What does 'systeminfo' in CMD reveal? Maybe just bounce the server and try again. *shrug* And raise a TAC case.