This article applies to:
OS: Windows 2008 R2 and later
Product edition: inSync Cloud
Overview
This article provides the resolution steps for errors occurring in inSync Connectors.
Errors resolved
Steps to resolve the following errors are discussed in this article:
Problem description: inSync Connector authentication issue
inSync Connector appears disconnected on the inSync Management Console but generates an authentication error message in the log file.
Cause
AD credentials for the inSync Connector have expired and need to be resubmitted. You will see inSync Connector status as ‘Not Connected’ or invalid credentials when trying to import Users in AD mapping as shown below:
Traceback
Since inSync Connector maintains a persistent connection with the Cloud Master (for inSync Cloud), it will generate an error log due to interference if it has to share its communication port with any other application. The error logs are generated even while the inSync Connector appears connected.
The following errors are logged in the inSyncADConnector.log file:
[ERROR] Error <class 'socket.error'>:[Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions. Traceback -Traceback (most recent call last): File "inSyncLib\inSyncRPCServer.pyc", line 351, in serve_forever File "socket.pyc", line 224, in meth error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions
Multiple entries of the following type are logged in the graylogs:
[ERROR] CFGID-XX ADConnector not found. Rejecting auth. :_ adcid=XXXX cid=XXXX _:
Resolution
To resolve AD connector authentication issue:
Login to the inSync Connector server.
Launch the Druva inSync Connector application.
Click Manage AD accounts and enter the credentials.
Click Save.
On the inSync Management Console, verify if the inSync Connector is connected and can import new users.
💡 Tip
In certain cases, you may have to provide credentials on the cloud.
Problem description: Errors due to sharing the same port for communication
inSync Connector appears disconnected on the inSync Management Console but generates an authentication error message in the log file.
Cause
If inSync Connector setup is running on a server hosting other applications that share the same port with inSync Connector, such as port 443. There is a conflict for network communication which impacts the inSync Connector functionality.
Resolution
Login to inSync Management Console and go to Settings > Connectors tab.
Select the AD connector and click Get Registration key.
Copy the registration key.
Login to the inSync AD connector server and launch the Druva inSync AD connector application.
Click Change registration key and paste the registration key copied earlier.
Click Register and check if error logs are generated in the inSyncADConnector.log file.
If error logs are generated:
Open the command prompt with administrator privileges.
Run the following command to open the List-port.txt file on the D drive.
netstat -ano >List-port.txt
In List-port.txt, check the applications sharing the inSync Connector port for communication.
If there are multiple applications using the same port, check if their port number can be modified.
If the application ports cannot be modified, install the inSync Connector on a new server where its communication port 443 is not shared by other applications.
Problem description: inSync Connector Error - No AD servers mapped to this connector
Upon successful installation and configuration of the inSync Connector, clicking Manage AD Account displays the following error.
No AD Servers mapped to this connector. Please map appropriate AD Server details associated with this AD Connector on the Druva administration portal.
Cause
The AD account that will be used for the inSync Connector is not registered on the inSync Management Console.
Resolution
As a part of inSync AD Connector configuration, the account that will be used for the connector must be registered on the inSync Management Console. To register the service account to the cloud:
Login to the inSync Management Console.
From the menu, go to Manage > Deployments > AD/LDAP and open the Accounts tab.
Click Register AD/LDAP Account.
💡 Tip
Any update or change in the certificate of the LDAP used by the AD/LDAP server does not impact the inSync Connector's ability to effectively communicate with the AD/LDAP server using secure LDAP.