Register Sign in Need help? FAQ SailPoint directory
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Troubleshooting Active Directory error: Extended rights could not be retrieved

Troubleshooting Active Directory error: Extended rights could not be retrieved

Active Directory entitlement collection fails with the message "Extended rights could not be retrieved".  Active Directory crawling may have succeeded with status complete. This error is in the log file:

2015-10-06 09:13:42,099,26,ERROR,WBX.Common.LDAP.ActiveDirectory.ConnectionPool,getObjectSidByDN,Error in 'dc=dom1,dc=loc'.

System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.

   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)

   at System.DirectoryServices.DirectoryEntry.Bind()

   at System.DirectoryServices.DirectoryEntry.get_AdsObject()

   at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)

   at System.DirectoryServices.DirectorySearcher.FindOne()

   at WBX.Common.LDAP.ActiveDirectory.ConnectionPool.getObjectSidByDN(String dn)

2015-10-06 09:14:02,031,28,ERROR,WBX.Common.LDAP.ActiveDirectory.ConnectionPool,getObjectSidByDN,Error in 'dc=dom1,dc=loc'.

System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.

   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)

   at System.DirectoryServices.DirectoryEntry.Bind()

   at System.DirectoryServices.DirectoryEntry.get_AdsObject()

   at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)

   at System.DirectoryServices.DirectorySearcher.FindOne()

   at WBX.Common.LDAP.ActiveDirectory.ConnectionPool.getObjectSidByDN(String dn)

2015-10-06 09:14:10,390,28,ERROR,WBX.whiteOPS.Server.RoleAnalytics.ActiveDirectoryRAEngine,getExtendedRights,Extended rights could not be retrieved

System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.

   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)

   at System.DirectoryServices.DirectoryEntry.Bind()

   at System.DirectoryServices.DirectoryEntry.get_AdsObject()

   at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)

   at WBX.whiteOPS.Server.RoleAnalytics.ActiveDirectoryRAEngine.getExtendedRights(ConnectionPool adConnectionPool, String[] extendedRightsProperties, GUIDResolver allValidatedRights, String forestFQDN, GUIDResolver& availableValidatedRights)

2015-10-06 09:14:10,390,28,ERROR,WBX.whiteOPS.Server.RoleAnalytics.RAPermissionHandler,configureBam,BAM AD - DOM1 could not be configured

 

This error occurs when the Active Directory application is configured to connect on port 636 and the SSL check box is not selected.  To correct the error reconfigure the SecurityIQ Active Directory application, checking the "use SSL" check box.

Labels (2)
0 Kudos
Version history
Revision #:
2 of 2
Last update:
‎Mar 15, 2023 09:13 PM
Updated by:
Community Administrator
 
View Article History
Contributors