AATP Sensor not starting
Hello,
Does anyone have an idea why the service doesn't start?
Threat Protection Log:
[1FB8:2328][2022-09-14T16:17:07]i001: Burn v3.11.2.4516, Windows v6.3 (Build 9600: Service Pack 0), path: C:\Windows\Temp\{6CEE5F61-004B-4051-9545-01C706B2D8A3}\.cr\Azure ATP Sensor Setup.exe
[1FB8:2328][2022-09-14T16:17:07]i000: Initializing hidden variable 'AccessKey'
[1FB8:2328][2022-09-14T16:17:07]i000: Initializing hidden variable 'ProxyConfiguration'
[1FB8:2328][2022-09-14T16:17:07]i000: Initializing hidden variable 'ProxyUserPassword'
[1FB8:2328][2022-09-14T16:17:07]i000: Initializing string variable 'NetFrameworkCommandLineArguments' to value '/passive /showrmui'
[1FB8:2328][2022-09-14T16:17:07]i009: Command Line: '"-burn.clean.room=C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe" -burn.filehandle.attached=420 -burn.filehandle.self=424'
[1FB8:2328][2022-09-14T16:17:07]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe'
[1FB8:2328][2022-09-14T16:17:07]i000: Setting string variable 'WixBundleOriginalSourceFolder' to value 'C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\'
[1FB8:2328][2022-09-14T16:17:07]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\AD-SPI~1\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20220914161707.log'
[1FB8:2328][2022-09-14T16:17:07]i000: Setting string variable 'WixBundleName' to value 'Azure Advanced Threat Protection Sensor'
[1FB8:2328][2022-09-14T16:17:07]i000: Setting string variable 'WixBundleManufacturer' to value 'Microsoft Corporation'
[1FB8:2328][2022-09-14T16:17:07]i000: Loading managed bootstrapper application.
[1FB8:2328][2022-09-14T16:17:08]i000: Creating BA thread to run asynchronously.
[1FB8:2328][2022-09-14T16:17:09]i100: Detect begin, 5 packages
[1FB8:2328][2022-09-14T16:17:09]i000: 2022-09-14 14:17:09.5864 Debug DeploymentModel DetectDeploymentAction DetectBegin [\[]Installed=False[\]]
[1FB8:2328][2022-09-14T16:17:09]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB4019990~31bf3856ad364e35~amd64~~6.1.1.2'
[1FB8:2328][2022-09-14T16:17:09]i000: Setting numeric variable 'Kb4019990Windows2008R2Exists' to value 0
[1FB8:2328][2022-09-14T16:17:09]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB4019990~31bf3856ad364e35~amd64~~6.2.1.1'
[1FB8:2328][2022-09-14T16:17:09]i000: Setting numeric variable 'Kb4019990Windows2012Exists' to value 0
[1FB8:2328][2022-09-14T16:17:09]i000: Setting string variable 'NetFrameworkRegistryValue' to value '461814'
[1FB8:2328][2022-09-14T16:17:09]i000: Setting string variable 'ServerLevelsServerCoreRegistryValue' to value '1'
[1FB8:2328][2022-09-14T16:17:09]i000: Setting string variable 'ServerLevelsServerGuiShellRegistryValue' to value '1'
[1FB8:2328][2022-09-14T16:17:09]i052: Condition 'Kb4019990Windows2008R2Exists' evaluates to false.
[1FB8:2328][2022-09-14T16:17:09]i052: Condition 'Kb4019990Windows2012Exists' evaluates to false.
[1FB8:2328][2022-09-14T16:17:09]i052: Condition 'NetFrameworkRegistryValue >= 460798' evaluates to true.
[1FB8:2328][2022-09-14T16:17:09]i052: Condition 'NetFrameworkRegistryValue >= 460798' evaluates to true.
[1FB8:2328][2022-09-14T16:17:09]i101: Detected package: Kb4019990Windows2008R2Package, state: Absent, cached: None
[1FB8:2328][2022-09-14T16:17:09]i101: Detected package: Kb4019990Windows2012Package, state: Absent, cached: None
[1FB8:2328][2022-09-14T16:17:09]i101: Detected package: NetFrameworkPackageServer, state: Present, cached: None
[1FB8:2328][2022-09-14T16:17:09]i101: Detected package: NetFrameworkPackageServerCore, state: Present, cached: None
[1FB8:2328][2022-09-14T16:17:09]i101: Detected package: MsiPackage, state: Absent, cached: None
[1FB8:2328][2022-09-14T16:17:09]i199: Detect complete, result: 0x0
[1FB8:1604][2022-09-14T16:17:09]i000: 2022-09-14 14:17:09.6332 Debug DeploymentModel .ctor [\[]DeploymentAction=Install[\]]
[1FB8:1604][2022-09-14T16:17:09]i000: 2022-09-14 14:17:09.7426 Debug DeploymentModel .ctor [\[]IsAfterRestartAndConfigured=False[\]]
[1FB8:1604][2022-09-14T16:17:48]i000: 2022-09-14 14:17:48.4385 Info Model ValidateAsync ValidateCreateSensorAsync returned [\[]validateCreateSensorResult=Success[\]]
[1FB8:1604][2022-09-14T16:17:48]i000: Setting string variable 'IsConfigured' to value 'True'
[1FB8:1604][2022-09-14T16:17:48]i000: Setting hidden variable 'AccessKey'
[1FB8:1604][2022-09-14T16:17:48]i000: Unsetting variable 'DelayedUpdate'
[1FB8:1604][2022-09-14T16:17:48]i000: Setting hidden variable 'ProxyConfiguration'
[1FB8:1604][2022-09-14T16:17:48]i000: Setting string variable 'InstallationPath' to value 'C:\Program Files\Azure Advanced Threat Protection Sensor'
[1FB8:2328][2022-09-14T16:17:48]i200: Plan begin, 5 packages, action: Install
[1FB8:2328][2022-09-14T16:17:48]i052: Condition 'VersionNT64 = v6.1' evaluates to false.
[1FB8:2328][2022-09-14T16:17:48]w321: Skipping dependency registration on package with no dependency providers: Kb4019990Windows2008R2Package
[1FB8:2328][2022-09-14T16:17:48]i052: Condition 'VersionNT64 = v6.2' evaluates to false.
[1FB8:2328][2022-09-14T16:17:48]w321: Skipping dependency registration on package with no dependency providers: Kb4019990Windows2012Package
[1FB8:2328][2022-09-14T16:17:48]i052: Condition 'ServerLevelsServerCoreRegistryValue <> 1 OR ServerLevelsServerGuiShellRegistryValue = 1' evaluates to true.
[1FB8:2328][2022-09-14T16:17:48]w321: Skipping dependency registration on package with no dependency providers: NetFrameworkPackageServer
[1FB8:2328][2022-09-14T16:17:48]i052: Condition 'ServerLevelsServerCoreRegistryValue = 1 AND ServerLevelsServerGuiShellRegistryValue <> 1' evaluates to false.
[1FB8:2328][2022-09-14T16:17:48]w321: Skipping dependency registration on package with no dependency providers: NetFrameworkPackageServerCore
[1FB8:2328][2022-09-14T16:17:48]i000: Setting string variable 'WixBundleRollbackLog_MsiPackage' to value 'C:\Users\AD-SPI~1\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20220914161707_000_MsiPackage_rollback.log'
[1FB8:2328][2022-09-14T16:17:48]i000: Setting string variable 'WixBundleLog_MsiPackage' to value 'C:\Users\AD-SPI~1\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20220914161707_000_MsiPackage.log'
[1FB8:2328][2022-09-14T16:17:48]i201: Planned package: Kb4019990Windows2008R2Package, state: Absent, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[1FB8:2328][2022-09-14T16:17:48]i201: Planned package: Kb4019990Windows2012Package, state: Absent, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[1FB8:2328][2022-09-14T16:17:48]i201: Planned package: NetFrameworkPackageServer, state: Present, default requested: Present, ba requested: Present, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[1FB8:2328][2022-09-14T16:17:48]i201: Planned package: NetFrameworkPackageServerCore, state: Present, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[1FB8:2328][2022-09-14T16:17:48]i201: Planned package: MsiPackage, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: Register
[1FB8:2328][2022-09-14T16:17:48]i299: Plan complete, result: 0x0
[1FB8:2328][2022-09-14T16:17:48]i300: Apply begin
[1FB8:2328][2022-09-14T16:17:48]i010: Launching elevated engine process.
[1FB8:2328][2022-09-14T16:17:49]i011: Launched elevated engine process.
[1FB8:2328][2022-09-14T16:17:49]i012: Connected to elevated engine.
[21E8:1C34][2022-09-14T16:17:49]i358: Pausing automatic updates.
[21E8:1C34][2022-09-14T16:17:52]i359: Paused automatic updates.
[21E8:1C34][2022-09-14T16:17:52]i360: Creating a system restore point.
[21E8:1C34][2022-09-14T16:17:52]i362: System restore disabled, system restore point not created.
[21E8:1C34][2022-09-14T16:17:52]i370: Session begin, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80a28827-fca2-4fc4-a340-abee8d399e56}, options: 0x7, disable resume: No
[21E8:1C34][2022-09-14T16:17:52]i000: Caching bundle from: 'C:\Windows\Temp\{B0299F6D-FCC1-43B6-BFE2-D16668B5EAF4}\.be\Azure ATP Sensor Setup.exe' to: 'C:\ProgramData\Package Cache\{80a28827-fca2-4fc4-a340-abee8d399e56}\Azure ATP Sensor Setup.exe'
[21E8:1C34][2022-09-14T16:17:53]i320: Registering bundle dependency provider: {80a28827-fca2-4fc4-a340-abee8d399e56}, version: 2.185.15524.950
[21E8:1C34][2022-09-14T16:17:53]i371: Updating session, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80a28827-fca2-4fc4-a340-abee8d399e56}, resume: Active, restart initiated: No, disable resume: No
[21E8:2188][2022-09-14T16:17:53]i305: Verified acquired payload: MsiPackage at path: C:\ProgramData\Package Cache\.unverified\MsiPackage, moving to: C:\ProgramData\Package Cache\{B089D895-371E-47EA-B030-3D9C69BA9A85}v2.185.15524.950\Microsoft.Tri.Sensor.Deployment.Package.msi.
[21E8:2188][2022-09-14T16:17:53]i305: Verified acquired payload: cab9C68882706A1052319FE6C1B5DE23439 at path: C:\ProgramData\Package Cache\.unverified\cab9C68882706A1052319FE6C1B5DE23439, moving to: C:\ProgramData\Package Cache\{B089D895-371E-47EA-B030-3D9C69BA9A85}v2.185.15524.950\1.
[21E8:1C34][2022-09-14T16:17:53]i323: Registering package dependency provider: {B089D895-371E-47EA-B030-3D9C69BA9A85}, version: 2.185.15524.950, package: MsiPackage
[21E8:1C34][2022-09-14T16:17:53]i301: Applying execute package: MsiPackage, action: Install, path: C:\ProgramData\Package Cache\{B089D895-371E-47EA-B030-3D9C69BA9A85}v2.185.15524.950\Microsoft.Tri.Sensor.Deployment.Package.msi, arguments: ' ARPSYSTEMCOMPONENT="1" MSIFASTINSTALL="7" ACCESSKEY="*****" DelayedUpdate="" InstallationPath="C:\Program Files\Azure Advanced Threat Protection Sensor" InstalledVersion="" PROXYCONFIGURATION="*****" WixBundleOriginalSourceFolder="C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\"'
[1FB8:2328][2022-09-14T16:18:21]i319: Applied execute package: MsiPackage, result: 0x0, restart: None
[21E8:1C34][2022-09-14T16:18:21]i325: Registering dependency: {80a28827-fca2-4fc4-a340-abee8d399e56} on package provider: {B089D895-371E-47EA-B030-3D9C69BA9A85}, package: MsiPackage
[21E8:1C34][2022-09-14T16:18:21]i372: Session end, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80a28827-fca2-4fc4-a340-abee8d399e56}, resume: ARP, restart: None, disable resume: No
[21E8:1C34][2022-09-14T16:18:21]i371: Updating session, registration key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80a28827-fca2-4fc4-a340-abee8d399e56}, resume: ARP, restart initiated: No, disable resume: No
[1FB8:2328][2022-09-14T16:18:21]i399: Apply complete, result: 0x0, restart: None, ba requested restart: No
[1FB8:1604][2022-09-14T16:18:28]i000: 2022-09-14 14:18:28.2697 Debug SensorBootstrapperApplication Run Engine.Quit [\[]deploymentResultStatus=0 isRestartRequired=False[\]]
[1FB8:2328][2022-09-14T16:18:28]i500: Shutting down, exit code: 0x0
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: AccessKey = *****
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: InstallationPath = C:\Program Files\Azure Advanced Threat Protection Sensor
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: IsConfigured = True
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: Kb4019990Windows2008R2Exists = 0
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: Kb4019990Windows2012Exists = 0
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: NetFrameworkCommandLineArguments = /passive /showrmui
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: NetFrameworkRegistryValue = 461814
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: RebootPending = 0
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: ServerLevelsServerCoreRegistryValue = 1
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: ServerLevelsServerGuiShellRegistryValue = 1
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: VersionNT64 = 6.3.0.0
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleAction = 5
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleElevated = 1
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleLog = C:\Users\AD-SPI~1\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20220914161707.log
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleLog_MsiPackage = C:\Users\AD-SPI~1\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20220914161707_000_MsiPackage.log
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleManufacturer = Microsoft Corporation
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleName = Azure Advanced Threat Protection Sensor
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleOriginalSource = C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleOriginalSourceFolder = C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleProviderKey = {80a28827-fca2-4fc4-a340-abee8d399e56}
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleRollbackLog_MsiPackage = C:\Users\AD-SPI~1\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20220914161707_000_MsiPackage_rollback.log
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleSourceProcessFolder = C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleSourceProcessPath = C:\Users\ad-spiessma\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleTag =
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleUILevel = 4
[1FB8:2328][2022-09-14T16:18:28]i410: Variable: WixBundleVersion = 2.185.15524.950
[1FB8:2328][2022-09-14T16:18:29]i007: Exit code: 0x0, restarting: No
TriSensor Log:
2022-09-14 14:18:03.2374 Info Program Main Deployer started [arguments=PW8ZXWxgDAfgHB+Uq5tmHg==]
2022-09-14 14:18:03.3312 Debug InstallActionGroup Apply started
2022-09-14 14:18:03.3312 Debug CreateCertificateAction Apply started [suppressFailure=False]
2022-09-14 14:18:08.7208 Debug CreateCertificateAction Apply finished
2022-09-14 14:18:08.7208 Debug CreateSensorAction Apply started [suppressFailure=False]
2022-09-14 14:18:09.3900 Debug CreateSensorAction Apply finished
2022-09-14 14:18:09.3900 Debug TestCertificateAndProxyAction Apply started [suppressFailure=False]
2022-09-14 14:18:09.7651 Debug TestCertificateAndProxyAction Apply finished
2022-09-14 14:18:09.7651 Debug SaveSensorMandatoryConfigurationAction Apply started [suppressFailure=False]
2022-09-14 14:18:09.7963 Debug SaveSensorMandatoryConfigurationAction Apply finished
2022-09-14 14:18:09.7963 Debug CreateServicesActionGroup Apply started
2022-09-14 14:18:09.7963 Debug CreateServiceAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.1401 Debug CreateServiceAction Apply finished
2022-09-14 14:18:10.1401 Debug SetServiceDescriptionAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.1557 Debug SetServiceDescriptionAction Apply finished
2022-09-14 14:18:10.1557 Debug ConfigureServiceAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.1713 Debug ConfigureServiceAction Apply finished
2022-09-14 14:18:10.1713 Debug SetServicePreshutdownTimeoutAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.1869 Debug SetServicePreshutdownTimeoutAction Apply finished
2022-09-14 14:18:10.1869 Debug CreateServiceAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.1869 Debug CreateServiceAction Apply finished
2022-09-14 14:18:10.1869 Debug SetServiceDescriptionAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.2026 Debug SetServiceDescriptionAction Apply finished
2022-09-14 14:18:10.2026 Debug ConfigureServiceAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.2182 Debug ConfigureServiceAction Apply finished
2022-09-14 14:18:10.2182 Debug SetServicePreshutdownTimeoutAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.2182 Debug SetServicePreshutdownTimeoutAction Apply finished
2022-09-14 14:18:10.2182 Debug CreateServicesActionGroup Apply finished
2022-09-14 14:18:10.2182 Debug ConfigureVirtualServiceAccountAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.3276 Debug ConfigureVirtualServiceAccountAction Apply finished
2022-09-14 14:18:10.3276 Debug RegisterCrashDumpsAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.3276 Debug RegisterCrashDumpsAction Apply finished
2022-09-14 14:18:10.3276 Debug EnableTls12Action Apply started [suppressFailure=False]
2022-09-14 14:18:10.3276 Debug EnableTls12Action Apply finished
2022-09-14 14:18:10.3276 Debug CopyServiceLogsOnRevertAction Apply started [suppressFailure=False]
2022-09-14 14:18:10.3276 Debug CopyServiceLogsOnRevertAction Apply finished
2022-09-14 14:18:10.3276 Debug StartServiceAction Apply started [suppressFailure=False]
2022-09-14 14:18:20.3757 Debug StartServiceAction Apply finished
2022-09-14 14:18:20.3757 Debug InstallActionGroup Apply finished
2022-09-14 14:18:20.3757 Info Program Main Deployer finished