cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

A domain controller is unreachable by a Sensor

GeoffMauch
Copper Contributor

‎Sep 08 2022 05:59 AM

‎Sep 08 2022 05:59 AM

A domain controller is unreachable by a Sensor

Anyone else seeing large amount of DC Health alerts after latest MDI agent update to 2.189.15674 this week? Last two days all DCs suddenly started having same health alerts: "Sensor, xxxxxx, has limited functionality due to connectivity issues to the configured domain controller"

 

Sensor error logs show this error: " Error DirectoryServicesClient+<CreateLdapConnectionAsync>d__47 Microsoft.Tri.Infrastructure.ExtendedException: CreateLdapConnectionAsync Aborted since a connection to this domain controller has recently failed"

4,366 Views
1 Like
12 Replies
Reply
12 Replies
Martin_Schvartzman

‎Sep 08 2022 07:20 AM

‎Sep 08 2022 07:20 AM

Re: A domain controller is unreachable by a Sensor

@GeoffMauch 

Thank you for reporting this. I'll check this internally.

1 Like
Reply
cjohnston

‎Sep 08 2022 10:01 AM - edited ‎Sep 08 2022 10:01 AM

‎Sep 08 2022 10:01 AM - edited ‎Sep 08 2022 10:01 AM

Re: A domain controller is unreachable by a Sensor

@Martin_Schvartzman 

 

We are also seeing this. We recently updated to remove the Winpcap and add the Npcap service and after that we started seeing the same

 

 

2022-09-07 16:16:35.2886 Error DirectoryServicesClient+<CreateLdapConnectionAsync>d__47 RunPeriodic <RegisterPeriodicTask>b__1 failed
Microsoft.Tri.Infrastructure.ExtendedException: CreateLdapConnectionAsync failed [DomainControllerDnsName=OURDC.COM]

 

 

but we know our gMSA is correct and I've tested the permissions on it using Test-ADServiceAccount . The rest of the logs make it look like everything is working normally

 

 

2022-09-07 16:16:34.0854 Info DirectoryServicesClient CreateLdapConnectionAsync connected successfully [DomainControllerDnsName=ourdc.domain.com Domain=Ourdomain UserName=OurgMSA ]
2022-09-07 16:16:34.1635 Info LocalImpersonationManager CreateImpersonatorInternalAsync started [UserName=OurgMSA Domain=Ourdomain IsGroupManagedServiceAccount=True]
2022-09-07 16:16:34.1948 Info LocalImpersonationManager GetGroupManagedServiceAccountTokenAsync finished [UserName=OurgMSA Domain=Ourdomain IsSuccess=True]
2022-09-07 16:16:34.1948 Info LocalImpersonationManager CreateImpersonatorInternalAsync finished [UserName=OurgMSA Domain=Ourdomain]
2022-09-07 16:16:34.1948 Debug GroupPolicyHelper GetKerberosPolicy started [domainDnsName=Ourdomain.org]
2022-09-07 16:16:34.2104 Debug GroupPolicyHelper GetKerberosPolicy finished [domainDnsName=Ourdomain.org MaxTicketAge=10 MaxRenewAge=7]
2022-09-07 16:16:34.2104 Info DirectoryServicesClient CreateLdapConnectionAsync connected successfully [DomainControllerDnsName=ourdc.domain.com Domain=Ourdomain UserName=OurgMSA ]
2022-09-07 16:16:34.3510 Info DirectoryServicesResolver CreateDomainAsync created domain DC=Ourdomain,DC=org
2022-09-07 16:16:34.3667 Info DirectoryServicesClient CreateLdapConnectionAsync connected successfully [DomainControllerDnsName=ourdc.domain.com Domain=Ourdomain UserName=OurgMSA ]

 

 

But we also get the same constant repeat of 

<CreateLdapConnectionAsync>d__47 Microsoft.Tri.Infrastructure.ExtendedException: CreateLdapConnectionAsync Aborted since a connection to this domain controller has recently failed"

1 Like
Reply
GeoffMauch

‎Sep 08 2022 10:52 AM

‎Sep 08 2022 10:52 AM

Re: A domain controller is unreachable by a Sensor

I should also mention that we also updated to remove the Winpcap and added the Npcap service last week on all of our DCs.

1 Like
Reply
brianvessey

‎Sep 09 2022 06:23 AM

‎Sep 09 2022 06:23 AM

Re: A domain controller is unreachable by a Sensor

Add me to the list. 2 DCs, one on 2012R2, the other on 2016 and they both started throwing this error early AM of Sept 7.

I had also uninstalled the previous sensor and installed the updated version to move from winpcap to npcap. That change was done on or around Aug 31 if it matters.

Thanks
2 Likes
Reply
DevRin

‎Sep 09 2022 07:14 AM

‎Sep 09 2022 07:14 AM

Re: A domain controller is unreachable by a Sensor

Same issues here, looks like ours started around 9/4/2022@ ~2:30 UTC according to the reports. Glad to see I'm not the only one.
2 Likes
Reply
Ewan Monro

‎Sep 11 2022 06:06 PM

‎Sep 11 2022 06:06 PM

Re: A domain controller is unreachable by a Sensor

Also seeing this since 9/9. Any update on this issue?
1 Like
Reply
GeoffMauch

‎Sep 12 2022 07:58 AM

‎Sep 12 2022 07:58 AM

Re: A domain controller is unreachable by a Sensor

Any updates on your end on this issue? Thanks
0 Likes
Reply
cidorr

‎Sep 12 2022 11:16 AM

‎Sep 12 2022 11:16 AM

Re: A domain controller is unreachable by a Sensor

We also are seeing the same issue. We updated the sensors from Winpcap to Npcap around 8/31 and sensors started having issues around 9/7. I have a ticket in with Microsoft on this as well.
0 Likes
Reply
brlgen

‎Sep 13 2022 07:23 AM

‎Sep 13 2022 07:23 AM

Re: A domain controller is unreachable by a Sensor

Yes, also seeing this since the winpcap update. Please fix this Microsoft.
0 Likes
Reply
cjohnston

‎Sep 14 2022 11:12 AM

‎Sep 14 2022 11:12 AM

Re: A domain controller is unreachable by a Sensor

We have made no changes on our end, but now our sensors are both showing healthy. Hopefully this has been addressed for other folks as well. Our sensors are showing version 2.190.15711.42818
1 Like
Reply
brianvessey

‎Sep 14 2022 11:24 AM

‎Sep 14 2022 11:24 AM

Re: A domain controller is unreachable by a Sensor

Same :)
0 Likes
Reply
Ewan Monro

‎Sep 14 2022 02:13 PM

‎Sep 14 2022 02:13 PM

Re: A domain controller is unreachable by a Sensor

Yep - updated @ 2am and now on 2.190.15711.42818 and healthy :)
0 Likes
Reply