SummaryWhen using the AD Integrator with v7.0.3 of the Exinda firmware, it is possible to see that the AD Connector will sync with AD correctly upon an initial connection but then will not sync again, automatically or by manual renumeration
OverviewThe AD Connector is an integration tool that is installed on Domain Controllers and links up with an Exinda unit so that host IPs can be translated into the users that were using them at a specific moment. This works by utilizing Windows Event Log messages on the DC when an IP is given out to a specific host and the username associated with it at that time. Fore more indepth information about how the AD Connector works, please see more information about the Active Directory Integration.
In general, the AD Connector does this by doing a sync and taking new Logon events at a specific interval. The Active Directory page under Configuration > System > Network, "Active Directory" tab will show an increasing time since the last sync:
If this number is greater than the time period for a standard sync, this text will go red and bold to alert the administrators to the fact that there is a problem. There can be numerous reasons that a sync fails:
- The domain controller is rebooted
- The Exinda is rebooted
- The "Active Directory Connector" service on the Exinda is stopped and then started
CauseThis is a bug in the firmware having to do with how the Active Directory Integration works. It is of an unknown cause as of currently
WorkaroundRestarting the AD Service on the Exinda will force a resyncronization. This can be done in the web UI by going to Configuration > System > Network, under the Active Directory tab. There is an option to stop and start the service:
Pressing 'stop' on this service, waiting for a few moments and then pressing 'start' will reinitialize the AD Service on the Exinda. It will take a few moments for the Exinda to reconnect with the DC, and until this time it will say "No Clients" under the list of DCs it is currently connected to. When connection is reestablished, the DCs will once more show up in the list and the sync will have been successful.