Error when adding a New Active Directory source

Version 2

    Verified Product Versions

    Endpoint Manager 9.5, Endpoint Manager 9.6, Endpoint Manager 2016.x

    Description:

    When adding a New Active Directory source, you may get one of the following errors:

     


    Error connecting to the [domain name] directory. Verify that the LDAP directory path is correct, the credentials are valid and that the account is enabled.

     


    Grant Read permission on the domain controller for this user. Read access to Active Directory failed. LDMS requires read access for user management functionality.

     

    Resolution:

    Grant the user sufficient access to read and traverse Active Directory:

     

    1) Open Active Directory Users and Computers, right-click the root of the domain (e.g., "testdomain.com") and select Properties.

    2) Click on the Security tab and specify the service account you will use to read Active Directory.

    3) Click on the Advanced button to access the special permissions. Uncheck the Read permission and click Advanced.

    4) Click Add... and specify the same user account again.

    5) Check List Contents and Read All Properties. Ensure that "Apply onto:" is set to "This object and all child objects."

     


    6) Click OK until the settings have been applied.
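
To confirm the result of steps 1 to 6 from PowerShell, the following added example (not part of the original article) reads the ACL on the domain root and checks for the ACE described in step 5. The service account name `svc-ldms-read` is a placeholder, and the RSAT ActiveDirectory module is assumed to be installed.

```powershell
# Added example: audit the ACE that steps 1-6 create on the domain root.
# Assumes the RSAT ActiveDirectory module (it provides the AD: drive).
Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices

$DomainDN   = 'DC=testdomain,DC=com'       # domain root from step 1
$SvcAccount = 'TESTDOMAIN\svc-ldms-read'   # hypothetical service account name

# Step 5: List Contents + Read All Properties
$needed = [int][System.DirectoryServices.ActiveDirectoryRights]'ListChildren, ReadProperty'

# Explicit Allow ACEs for the account on the domain root
$aces = @((Get-Acl -Path "AD:\$DomainDN").Access | Where-Object {
    $_.IdentityReference.Value -eq $SvcAccount -and
    $_.AccessControlType -eq 'Allow' -and
    -not $_.IsInherited
})

# The ACE must carry both rights, cover all properties (empty ObjectType GUID)
# and apply to "This object and all child objects" (InheritanceType All).
$ok = @($aces | Where-Object {
    (([int]$_.ActiveDirectoryRights) -band $needed) -eq $needed -and
    $_.ObjectType -eq [guid]::Empty -and
    $_.InheritanceType -eq 'All'
})

# Anything beyond the two rights is more than this procedure grants.
$excess = @($aces | Where-Object {
    (([int]$_.ActiveDirectoryRights) -band (-bnot $needed)) -ne 0
})

if ($ok.Count -eq 0) {
    Write-Warning "$SvcAccount lacks List Contents / Read All Properties on $DomainDN and its child objects."
} else {
    Write-Output "$SvcAccount can list and read $DomainDN and all child objects."
}
$excess | ForEach-Object {
    Write-Warning "Extra rights for ${SvcAccount}: $($_.ActiveDirectoryRights)"
}
```

A warning about extra rights usually means the Read permission from step 3 was left checked or the account holds a broader grant than this procedure calls for.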