Cannot manage WAC gateway access, can't add any allowed groups

%3CLINGO-SUB%20id%3D%22lingo-sub-740022%22%20slang%3D%22en-US%22%3ECannot%20manage%20WAC%20gateway%20access%2C%20can't%20add%20any%20allowed%20groups%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-740022%22%20slang%3D%22en-US%22%3E%3CP%3ELDAP%20server%20is%20unavailable%20when%20adding%20security%20group.%3C%2FP%3E%3CP%3EQuerying%20active%20directory%20domain%20for%20list%20of%20machines%2C%20when%20adding%20servers%20to%20the%20gateway%20is%20working%20properly.%3CBR%20%2F%3EAdding%20users%20for%20local%20groups%20on%20managed%20server%20also%20is%20working%20properly.%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EManaging%20gateway%20access%2C%20can't%20add%20any%20allowed%20groups%20(local%20or%20domain)%20-%20Gateway%20users%20or%20administrators.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F122356iF1C3E9C6A1394881%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22screen.PNG%22%20title%3D%22screen.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESome%20ideas%2C%20what%20to%20check%20or%20change%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E-------------------------%3C%2FP%3E%3CP%3EMessage%3A%3CBR%20%2F%3ECouldn't%20add%20security%20group%3CBR%20%2F%3EError%3A%20The%20LDAP%20server%20is%20unavailable.%3CBR%20%2F%3Elocalhost%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EEvent%20log%3A%3CBR%20%2F%3E500%20-%20LdapException%3A%20The%20LDAP%20server%20is%20unavailable.%3CBR%20%2F%3EStack%20trace%3A%20at%20System.DirectoryServices.Protocols.LdapConnection.Connect()%3CBR%20%2F%3Eat%20System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest%20request%2C%20Int32%26amp%3B%20messageID)%3CBR%20%2F%3Eat%20System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest%20request%2C%20TimeSpan%20requestTimeout)%3CBR%20%2F%3Eat%20System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String%20serverName%2C%20ServerProperties%26amp%3B%20properties)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWAC%20installed%20as%20gateway%20on%20Windows%20Server%202016%20(OS%20Build%2014393.2969)%20-%20connected%20to%20domain%3CBR%20%2F%3EWAC%20version%20tested%3A%201804.25%2C%201904.1%20%26amp%3B%201906%20preview%3CBR%20%2F%3EAcces%20to%20WAC%20from%20Windows%2010%201803%20build%2017134.829%3CBR%20%2F%3EBrowsers%3A%20Edge%2CFirefox%2067%2C%20Chrome%2075%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1093264%22%20slang%3D%22en-US%22%3ERe%3A%20Cannot%20manage%20WAC%20gateway%20access%2C%20can't%20add%20any%20allowed%20groups%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1093264%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F370065%22%20target%3D%22_blank%22%3E%40Wojtech%3C%2FA%3E%26nbsp%3BDid%20you%20ever%20find%20a%20workaround%20for%20this%20LDAP%2FWAC%20issue%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

LDAP server is unavailable when adding security group.

Querying active directory domain for list of machines, when adding servers to the gateway is working properly.
Adding users for local groups on managed server also is working properly.


Managing gateway access, can't add any allowed groups (local or domain) - Gateway users or administrators.

screen.PNG

 

 

Some ideas, what to check or change?

 

-------------------------

Message:
Couldn't add security group
Error: The LDAP server is unavailable.
localhost

 

Event log:
500 - LdapException: The LDAP server is unavailable.
Stack trace: at System.DirectoryServices.Protocols.LdapConnection.Connect()
at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)

 

WAC installed as gateway on Windows Server 2016 (OS Build 14393.2969) - connected to domain
WAC version tested: 1804.25, 1904.1 & 1906 preview
Acces to WAC from Windows 10 1803 build 17134.829
Browsers: Edge,Firefox 67, Chrome 75

1 Reply
Highlighted

@Wojtech Did you ever find a workaround for this LDAP/WAC issue?