Is a local system or a domain account running the Data Governance Service? Is the account your trying to add from the same domain as the Identity Manager?

HI,

yes, the account which i am trying to add is from same domain as in Identity Manager. LocalSystem is running the Data Governance Service.While configuring DGE i selected USeLocalSystem User.

The same error message appears while adding an "Agent" , "Managed Host" also.

Thanks

Check out the values set in the Designer. Under Configuration Parameters -> Target System -> ADS -> QAM -> (Server, port, deployment ... etc). Are those values set correctly?

Yes, all values are correct.I can see the same error while creating Service account from "ObjectBrowser" as well.

Is there any configuration which i missed during configuration?

Which version of DGE are you using? Is the Identity Manager database encrypted? Are the Manager \ Object browser UI machines in the same domain (forest) as the DGE service? Important: Is the account you are logged into the machine as associated with an Employee account with Data Governance roles (Identity Manager Application Roles)? Was the Service Connection Point for the DGE Service properly created in AD as part of the DGE service deployment? The client machine must be able to find a Global Catalog server in the DGE service domain to find the proper SPN for the DGE service, therefore the client machine must be in the same domain as the DGE service.

Service Connection Points

Data Governance Edition publishes a Service Connection Point (SCP) in Active Directory so the Data Governance configuration wizard and Data Governance agents can locate the Data Governance service. Upon startup, the Data Governance service searches Active Directory in order to verify that the SCP is correct. When the Data Governance configuration wizard or agents start up, they search Active Directory for the SCP objects within their Active Directory forest, in order to retrieve connection information from the Data Governance service such as host name, listening port, deployment name, and other authentication information. The agents use the deployment name in the keywords search so they will only find services with the same user configured DGE deployment name.

The SCP objects are published directly subordinate to the service's computer object in Active Directory. SCP objects can be viewed and updated using Microsoft's ADSI Edit MMC snap-in.

The Data Governance service installs and maintains a single SCP (CN=DataGovernance.Server). The service checks and updates the Active Directory objects each time the service starts up.