Creating Asset with new Service Account

Hello, While creating a new AD asset, we are using the newly created service account. However, we encounter an error. The information entered for the service account is correct. What could be the other reasons for this issue?

Details

Account
DRP_Install

Partition
Windows

Task History
Some of the provided domain controllers are not accessible.

xxxxx: [ldap:\\xxxxx@xxxxx:389 (Read-Only)] (LDAP error 49) The supplied credential is invalid.

We are in the process of creating a new Active Directory (AD) asset and utilizing a service account specifically created for this purpose. Despite ensuring that all the details entered for the service account are accurate, we are encountering an error. We have double-checked the credentials and permissions for the service account, and everything appears to be in order. Could there be other factors or configurations we are overlooking that might be causing this error? Any insights or suggestions would be greatly appreciated.

Parents
  • Hi,

    If there are multiple domains in the forest and you only want to manage a specific domain then make sure that the new AD Asset does not have the option for Manage forest enabled otherwise SPP will attempt to connect to all domains and DCs that this service account might not have access to possibly.

    In addition, you have an option to specify the Domain Controllers that you wish SPP to communicate with for this AD Asset which can be specified in the "Domain Controllers" Field under the Connection tab of the AD Asset. Here you can use Domain Controller's IP addresses or Hostname (as long as DNS Server set in SPP can resolve these hostnames) separated by a space for example:

    1.1.1.1 2.2.2.2

    or

    dc1.domain.com dc2.domain.com

    Thanks!

Reply
  • Hi,

    If there are multiple domains in the forest and you only want to manage a specific domain then make sure that the new AD Asset does not have the option for Manage forest enabled otherwise SPP will attempt to connect to all domains and DCs that this service account might not have access to possibly.

    In addition, you have an option to specify the Domain Controllers that you wish SPP to communicate with for this AD Asset which can be specified in the "Domain Controllers" Field under the Connection tab of the AD Asset. Here you can use Domain Controller's IP addresses or Hostname (as long as DNS Server set in SPP can resolve these hostnames) separated by a space for example:

    1.1.1.1 2.2.2.2

    or

    dc1.domain.com dc2.domain.com

    Thanks!

Children
No Data