Hi Eli,

I already did it.

After add my domain in ATA center I receive a message that the service stopped.

And same going to the Gateway server and trying to start manually the service I receive the error 1067.

The Center service is running OK?

The Console UI is working?

In the Failing Gateway logs, if you delete the current logs and start the service again,

Is the only error still 

"Domain controllers are not configured"

?

The Center service is running OK? Yes

The Console UI is working? Yes

In the Failing Gateway logs, if you delete the current logs and start the service again,

Is the only error still 

"Domain controllers are not configured"

?

The same error back in the logs.

I already deleted the domain and add again and the same error appear and the service doesn't start.

Notice that in the GW configuration , you should add the DC FQDN, not the domain.

See detailed instructions at

https://docs.microsoft.com/en-us/advanced-threat-analytics/install-ata-step5

So if your domain is domain.com, you should add DC1.domain.com, and not just domain.com.

Hi Eli,

Sorry for my explanation.

What we configured was the FQDN as you said and not the domain.

But the service begin starting and fews seconds after stop.

Now i'll try to uninstall my Gateway and Center and begin all the installation process again.

Try to uninstall the GW only, don't think there is a need to install the center again.

But do download a fresh copy of the GW package from the Center.

I also already did it two times and no success.

Now i'm really gonna do all the installation again and see what happens.

If it still fails, please share a screenshot of the GW configuration in the console.

(You can share it in a private message if you prefer)

Eli,

I sent for you a private message with my gateway configuration.

Thanks

What was the solution as I am experiencing the exact problem.

In the above case a  rebuild of the WMI Repository solved the problem.

Having this problem again in another environment...

I receiving again this error 1067 and I already saw:

- Network connections ok;

- Net framework installation ok;

- WMI library ok;

- enought hardware to run gateway lightweight;

Anyone know what could be ?

I already add another 10 DC's in my Ata center in the same environment, but there's one that is showing this error 1067.

In this case is the deployment of 1.9 version.

Below follow my error.log

2018-04-26 16:49:40.9293 4792 13 Error [DirectoryServicesClient+<CreateLdapConnectionAsync>d__32] Microsoft.Tri.Infrastructure.Utils.ExtendedException: Failed to connect to domain controller [DomainControllerDnsName=XXXXXAD04.XXXXXXXX.corp ErrorCode=82] ---> System.DirectoryServices.Protocols.LdapException: A local error occurred.
 at System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.CreateLdapConnectionAsync(?)
 --- End of inner exception stack trace ---
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.CreateLdapConnectionAsync(?)
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.CreateLdapConnectionAsync(?)
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.TryCreateLdapConnectionAsync(?)
2018-04-26 16:49:40.9772 4792 5 Error [DirectoryServicesClient+<OnInitializeAsync>d__14] Microsoft.Tri.Infrastructure.Utils.ExtendedException: Failed to communicate with configured domain controllers
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.OnInitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.Module.InitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.ModuleManager.OnInitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.Module.InitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.Service.OnStartAsync(?)
 at Microsoft.Tri.Infrastructure.Framework.Service.OnStart(String[] args)
2018-04-26 16:49:54.3286 3096 12 Error [DirectoryServicesClient+<CreateLdapConnectionAsync>d__32] Microsoft.Tri.Infrastructure.Utils.ExtendedException: Failed to connect to domain controller [DomainControllerDnsName=XXXXXAD04.XXXXXXXX.corp ErrorCode=82] ---> System.DirectoryServices.Protocols.LdapException: A local error occurred.
 at System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.CreateLdapConnectionAsync(?)
 --- End of inner exception stack trace ---
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.CreateLdapConnectionAsync(?)
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.CreateLdapConnectionAsync(?)
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.TryCreateLdapConnectionAsync(?)
2018-04-26 16:49:54.3443 3096 5 Error [DirectoryServicesClient+<OnInitializeAsync>d__14] Microsoft.Tri.Infrastructure.Utils.ExtendedException: Failed to communicate with configured domain controllers
 at async Microsoft.Tri.Gateway.Resolution.DirectoryServices.DirectoryServicesClient.OnInitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.Module.InitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.ModuleManager.OnInitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.Module.InitializeAsync(?)
 at async Microsoft.Tri.Infrastructure.Framework.Service.OnStartAsync(?)
 at Microsoft.Tri.Infrastructure.Framework.Service.OnStart(String[] args)

The GW is failing to connect to the *AD04 DC.

Error Code 82 suggest:

1. Confirm that the domain controller’s DNS record is configured properly in the DNS server. 
2. Verify that the time of the ATA Gateway is synchronized with the time of the domain controller.

Eli.

DNS ok and the time in the Ata Gateway is ok too.

Do you have ideia if this problem could be caused by another thing ?

Thanks

Try to restart the GW machine, I wonder if it will change anything.

---

@Paulo Silva wrote:

DNS ok and the time in the Ata Gateway is ok too.

Do you have ideia if this problem could be caused by another thing ?

 

Thanks

---

It doesn't work.

I already add 3 other DC's to my Ata Center but this one don't work.

Are you able to connect from these machines to the destination machines that ATA fails for using ldp.exe via kerberos? or are you getting the same error there?