Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9285
Views
5
Helpful
17
Replies

WSA join to AD but can´t fetch AD group information

Guido Arturo Catalano
Level 1
Level 1

‎05-02-2015 09:23 AM

Hi,

 I can join the WSA to AD, but it can´t get AD-Groups.

 The realm was created but group search found no records.

 

 Do I need another procedure to join a W2012R2 domain?

 

 AsyncOS Version: 8.5.1-021

 Windows 2012 R2

 

Checking DNS resolution of WSA hostname(s)...
Success: Resolved 'mgmt_wsa1.xxx.local' address: x.x.x.115

Checking DNS resolution of Active Directory Server(s)...
Success: Resolved 'x.x.x.11' address: x.x.x.11
Success: Resolved 'x.x.x.12' address: x.x.x.12

Checking DNS resolution of AD Server(s)' full computer name(s)...
Success: Resolved 'SRVDC1.xxx.local' address: x.x.x.11
Success: Resolved 'SRVDC2.xxx.local' address: x.x.x.12

Validating configured Active Directory Domain...
Success: Active Directory Domain Name for 'x.x.x.11' : xxx.LOCAL
Success: Active Directory Domain Name for 'x.x.x.12' : xxx.LOCAL

Attempting to get TGT...
Success: Kerberos Tickets fetched from server 'x.x.x.11' :

Success: Kerberos Tickets fetched from server 'x.x.x.12' :


Checking local WSA time and server time difference...
Success: AD Server time and WSA time difference within tolerance limit
Success: AD Server time and WSA time difference within tolerance limit

Attempting to fetch AD group information...
Failure: Exception on query to server 'x.x.x.11', port 389 failed :
Exception('Inquiry timed out: auth failed: Windows 2008R2 or later requires a User account to create a data store, not a Computer account',)
Failure: Exception on query to server 'x.x.x.12', port 389 failed :
Exception('Inquiry timed out: auth failed: Windows 2008R2 or later requires a User account to create a data store, not a Computer account',)

Test completed: Errors occurred, see details above.

 

Thanks in advance.

Guido

1 person had this problem
Labels:
0 Helpful
17 Replies 17

Massimo Baschieri
Level 3
Level 3
In response to Atazazuddin Shaikh

‎10-14-2015 12:18 PM

In fact I don't know if I'm entitled to open a tac case since the virtual wsa has an evaluation license.

Customer is evaluating the product and if I can't get rid of this issue it's very unlikely he's going to buy it.

Can you help? 

0 Helpful

Atazazuddin Shaikh
Cisco Employee
Cisco Employee
In response to Massimo Baschieri

‎10-15-2015 06:39 AM

Massimo

Sure, please respond with your direct number where we can reach you and time slot that works best for you,

 

Thanks

Zack

 

 

0 Helpful

Massimo Baschieri
Level 3
Level 3
In response to Atazazuddin Shaikh

‎10-15-2015 08:00 AM

Nice!!!

If you don't care we can start with email, massimo.baschieri@re-ti.com

If you prefer I can contact you first.

Thanks,

Massimo.

0 Helpful
Customers Also Viewed These Support Documents