Hi,
I can join the WSA to AD, but it can´t get AD-Groups.
The realm was created but group search found no records.
Do I need another procedure to join a W2012R2 domain?
AsyncOS Version: 8.5.1-021
Windows 2012 R2
Checking DNS resolution of WSA hostname(s)...
Success: Resolved 'mgmt_wsa1.xxx.local' address: x.x.x.115
Checking DNS resolution of Active Directory Server(s)...
Success: Resolved 'x.x.x.11' address: x.x.x.11
Success: Resolved 'x.x.x.12' address: x.x.x.12
Checking DNS resolution of AD Server(s)' full computer name(s)...
Success: Resolved 'SRVDC1.xxx.local' address: x.x.x.11
Success: Resolved 'SRVDC2.xxx.local' address: x.x.x.12
Validating configured Active Directory Domain...
Success: Active Directory Domain Name for 'x.x.x.11' : xxx.LOCAL
Success: Active Directory Domain Name for 'x.x.x.12' : xxx.LOCAL
Attempting to get TGT...
Success: Kerberos Tickets fetched from server 'x.x.x.11' :
Success: Kerberos Tickets fetched from server 'x.x.x.12' :
Checking local WSA time and server time difference...
Success: AD Server time and WSA time difference within tolerance limit
Success: AD Server time and WSA time difference within tolerance limit
Attempting to fetch AD group information...
Failure: Exception on query to server 'x.x.x.11', port 389 failed :
Exception('Inquiry timed out: auth failed: Windows 2008R2 or later requires a User account to create a data store, not a Computer account',)
Failure: Exception on query to server 'x.x.x.12', port 389 failed :
Exception('Inquiry timed out: auth failed: Windows 2008R2 or later requires a User account to create a data store, not a Computer account',)
Test completed: Errors occurred, see details above.
Thanks in advance.
Guido
