Error=82 - ATP Service not starting

Copper Contributor

I have installed the ATP Sensor on a DC but the "Azure Advanced Threat Protection Sensor" is not able to start. Service is being run as "Local System".


Our internal AD domain is a ".net" and external Azure domain is ".com"


Seeing Error 82 in the logs.





DirectoryServicesClient Creating
2019-05-09 00:54:34.1329 Info DirectoryServicesClient CreateLdapConnectionAsync failed to connect [ UserName=svc_atp ErrorCode=82]

2019-05-09 00:54:34.6316 Error DirectoryServicesClient+<CreateLdapConnectionAsync>d__33 Microsoft.Tri.Infrastructure.ExtendedException: CreateLdapConnectionAsync failed []
at async Task<LdapConnection> Microsoft.Tri.Sensor.DirectoryServicesClient.CreateLdapConnectionAsync(DomainControllerConnectionData domainControllerConnectionData, bool isGlobalCatalog, bool isTraversing)
at async Task<bool> Microsoft.Tri.Sensor.DirectoryServicesClient.TryCreateLdapConnectionAsync(DomainControllerConnectionData domainControllerConnectionData, bool isGlobalCatalog, bool isTraversing)
2019-05-09 00:54:34.6472 Error DirectoryServicesClient Microsoft.Tri.Infrastructure.ExtendedException: Failed to communicate with configured domain controllers



1 Reply

@Shaneil Narayan , does svc_atp have read permission in ?

Is this a multi forest scenario? is the sensor located in a different forest from  ? If so, you need to provide credentials for each forest in the configuration page in the console UI.