Forum Discussion
Azure Advanced Threat Protection Sensor service failed to start
- Dec 05, 2018
Are you 100% sure about the trust setup?
Currently we only support full two way trust, or full one way trust where the AATP AD account that you have set is coming from the trusted forest.
So far I have only seen this error (ErrorCode=82) in cases where the trust was not such but some other type.
Can you double check it?
Also, make sure the account details (username, password) supplied to AATP are correct.
Hi Eli,
Everything is inside one of the domains. ATP user is from this domain too. Second domain is not involved in the process.
- Amin7RDR, Oct 04, 2021, Copper Contributor
We created a service account for each domain and registered it on the portal, after which it was able to work properly.
- Amin7RDR, Oct 07, 2020, Copper Contributor
Arkady Karasin Hi, do we need to change the credentials on services running for Azure ATP?
Under services, it's currently running on local credentials.
We have many domains and this domain trusts the domain (ATP admin account domain).
Do we need to change it here?
- Rickard_Phil, Feb 04, 2020, Copper Contributor
I had a similar issue and changed the Directory Services Credentials to reference the on-prem domain name rather than the primary email suffix, and this resolved the issue for us. Thanks for the pointer.
- Arkady Karasin, Dec 09, 2018, Copper Contributor
Hi Eli,
You are right. It was a credential issue. I provided our domain name from the Azure portal. I should use our local AD domain name instead.
Thank you very much!!!
- EliOfek, Dec 05, 2018, Microsoft
Probably the same reason.
Are you positive that the AD credentials you entered in the portal are correct?
Unlike ATA, in AATP we have no "test" for them in the UI.
Make sure the username, domain and password are correct.
What is the OS version you are running on?
Also, the output of
nltest /DSGETDC: && nltest /DOMAIN_TRUSTS
on both forests might help, but you might want a support case to share this info with us; the forum is not ideal for this...
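Because the portal offers no credential test, the same check can be done by hand from the sensor machine with an LDAP bind. The script below is an added example, not part of the thread or of the AATP product; it assumes a Negotiate bind over port 389, and the parameter names are illustrative.

```powershell
# Added example: test the Directory Services account with an LDAP bind.
# Assumptions: Negotiate authentication on port 389; parameter names are illustrative.
param(
    [Parameter(Mandatory)] [string] $DcName,           # DC named in the sensor log
    [Parameter(Mandatory)] [pscredential] $Credential  # enter as DOMAIN\user
)

Add-Type -AssemblyName System.DirectoryServices.Protocols

$netCred = $Credential.GetNetworkCredential()
if (-not $netCred.Domain) {
    # A UPN-style name leaves Domain empty; the thread's fix was to supply
    # the on-prem AD domain name explicitly.
    Write-Warning "No domain part supplied. Enter the account as DOMAIN\user with the on-prem AD domain."
}

$identifier = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($DcName, 389)
$connection = New-Object System.DirectoryServices.Protocols.LdapConnection(
    $identifier, $netCred, [System.DirectoryServices.Protocols.AuthType]::Negotiate)
$connection.SessionOptions.ProtocolVersion = 3
$connection.SessionOptions.Signing = $true   # sign and encrypt the session
$connection.SessionOptions.Sealing = $true
$connection.Timeout = [TimeSpan]::FromSeconds(15)

try {
    $connection.Bind()
    Write-Output "Bind to $DcName succeeded as $($netCred.Domain)\$($netCred.UserName)."
}
catch {
    # PowerShell may wrap the .NET exception, so walk down to the LdapException.
    $ex = $_.Exception
    while ($ex -and $ex -isnot [System.DirectoryServices.Protocols.LdapException]) {
        $ex = $ex.InnerException
    }
    if (-not $ex) { throw }
    switch ($ex.ErrorCode) {
        49      { Write-Output "ErrorCode=49: invalid credentials. Check username and password." }
        81      { Write-Output "ErrorCode=81: server unavailable. Check DNS name and connectivity to $DcName." }
        82      { Write-Output "ErrorCode=82: local error, as in the sensor log. In this thread it came from the domain name entered with the account; the trust type is the other reported cause." }
        default { Write-Output "ErrorCode=$($ex.ErrorCode): $($ex.Message)" }
    }
}
finally {
    $connection.Dispose()
}
```

Run it once with the domain exactly as entered in the portal and once with the on-prem AD domain name; a difference between the two results points at the domain field rather than the password.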
- Arkady Karasin, Dec 05, 2018, Copper Contributor
Hi Eli!
I did it.
Now I am getting the same error as on the DCs:
2018-12-05 14:38:33.8213 Error DirectoryServicesClient+<CreateLdapConnectionAsync>d__34 Microsoft.Tri.Infrastructure.ExtendedException: Failed to connect to domain controller [DomainControllerDnsName=juno1.pansw.com ErrorCode=82] ---> System.DirectoryServices.Protocols.LdapException: A local error occurred.
at void System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, bool needSetCredential)
at async Task<LdapConnection> Microsoft.Tri.Sensor.DirectoryServicesClient.CreateLdapConnectionAsync(DomainControllerConnectionData domainControllerConnectionData, bool isGlobalCatalog, bool isTraversing)
--- End of inner exception stack trace ---
at async Task<LdapConnection> Microsoft.Tri.Sensor.DirectoryServicesClient.CreateLdapConnectionAsync(DomainControllerConnectionData domainControllerConnectionData, bool isGlobalCatalog, bool isTraversing)
at async Task<LdapConnection> Microsoft.Tri.Sensor.DirectoryServicesClient.CreateLdapConnectionAsync(DomainControllerConnectionData domainControllerConnectionData, bool isGlobalCatalog, bool isTraversing)
at async Task<bool> Microsoft.Tri.Sensor.DirectoryServicesClient.TryCreateLdapConnectionAsync(DomainControllerConnectionData domainControllerConnectionData, bool isGlobalCatalog, bool isTraversing)
2018-12-05 14:38:33.8369 Error DirectoryServicesClient Microsoft.Tri.Infrastructure.ExtendedException: Failed to communicate with configured domain controllers
I already shared my AD trust configuration. Do you think it is a reason for failure?
Thank you!
- EliOfek, Dec 05, 2018, Microsoft
When installing an integrated sensor, we auto config it by default as we know on which DC we are running.
In case of a standalone, there is no (feasible) way for us to auto detect which DCs are port mirrored to this machine, so you need to go to the sensor list in the portal configuration section, and manually tell this sensor which DCs it should monitor. Once you do that, a few seconds later the service should be able to start.
- Arkady Karasin, Dec 05, 2018, Copper Contributor
I installed the sensor on a standalone server and got a different error, but the service refuses to start:
2018-12-05 14:31:50.8754 Error DirectoryServicesClient Microsoft.Tri.Infrastructure.ExtendedException: Domain controllers are not configured
at new Microsoft.Tri.Sensor.DirectoryServicesClient(IConfigurationManager configurationManager, IMetricManager metricManager, IWorkspaceApplicationSensorApiJsonProxy workspaceApplicationSensorApiJsonProxy)
at object lambda_method(Closure, object[])
at object Autofac.Core.Activators.Reflection.ConstructorParameterBinding.Instantiate()
at void Microsoft.Tri.Infrastructure.ModuleManager.AddModules(Type[] moduleTypes)
at ModuleManager Microsoft.Tri.Sensor.SensorService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)