4 Replies Latest reply on Oct 31, 2013 1:03 PM by xiudo

    Credential rings are not functioning

    xiudo

      I have created a few credentials and bound a Credential ring to my credentials.  but when i attempt to connect to my domain it times out with an error.  I get a simular error when attempting to manage some of my workstations  Strangly the Other domain shows up exactly as expected.  I am not exactly sure what I am doing wrong. 

       

      any ideas?

       

      here is an example of the error below

       

       

       

      Source: Data Grid Server (PMS)

      Device: mis30.blah blah blah.domain

      Details: Computer connect

      Exception occurred at 10/23/2013 12:42:56 PM: Attempt to connect tomis30.blah blah blah.domain failed.

      The following attempts were made:

       

       

      ARP Resolution result: Yes

      DNS Resolution result: Yes

      NETBIOS Name Resolution: Yes

      MS Endpoint Mapper: Yes

      WMI Connection: No

       

       

      The RPC server is unavailable

      COM Exception: Error Code: 0x800706BA . Unable to connect using account blah blah blah.domain\administrator

      EminentWare Provider Connection: No

       

       

      The RPC server is unavailable

      COM Exception: Error Code: 0x800706BA . Unable to connect using account blah blah blah.domain\administrator

      File and Print Sharing Ports: Yes

       

       

      Successfully connected to direct hosting NetBIOS over TCP-IP port 445 which is required for 'File and Print Sharing'

        • Re: Credential rings are not functioning
          Lawrence Garvin

          It may help to clarify what actually is happening here, which will help to diagnose.

           

          It appears to me from the information provided that an attempt to connect to a system is being made, specifically to the system MIS30, and the issue is connecting to the system, not "the domain".

           

          ARP Resolution result: Yes

          DNS Resolution result: Yes

          NETBIOS Name Resolution: Yes

          MS Endpoint Mapper: Yes

          WMI Connection: No


          We see from this output that the ARP, DNS, and RPC Endpoint Mapper connections were all successful, but the WMI connection failed. Almost always this is a function of the Windows Firewall being enabled on the target system(s), but the Windows Management Instrumentation ruleset not being enabled to allow remote WMI connections. This is discussed in detail in Chapter 10 of the Patch Manager Administrator Guide.

            • Re: Credential rings are not functioning
              xiudo

              Thanks for the Reply

               

              Here is the message when i attempt to select the of of the two Domains

               

               

              ####

              Source: Data Grid Server (PMS)

              Device: *DOMAIN*.local

              Details: LDAP Request

              Exception occurred at 10/24/2013 12:04:50 PM: The server is not operational.

               

               

              Unable to connect to the resource using the account: *DOMAIN*\administrator Reason:

              The server is not operational

              COM Exception: Error Code: 0x8007203A

              ####

                • Re: Credential rings are not functioning
                  Lawrence Garvin

                  Okay... *this* is an actual failure attempting to execute a LDAP query against a Domain Controller.

                   

                  In this instance, the machine being queried appears to be offline, or not a DC, or the required LDAP port is blocked by a firewall. The firewall scenario is unlikely since that would render the DC unusable to all clients, but it is possible, so it should be verified nonetheless.

                   

                  If not a firewall issue, this could be a reflection of an improperly declared "Preferred Domain Controller", or it could be a manifestation of stale, unscavanged records in the DNS server that is being queried by Patch Manager to find the DC, or it could be that the DC is simply inaccessible to the Patch Manager server.

                   

                  1. From the "Managed Enterprise" management group, launch the Management Group Wizard.
                  2. Click on <Next>.
                  3. Ensure the radio button for "Active Directory Domains or Workgroups" is selected and click on <Next>.
                  4. In the listbox, locate your domain (probably the only line in the list), and look for a value in the "Preferred DC" column.
                  • If it's not blank, determine if that DC is still operational.
                  • If it's blank, then it may be that there is invalid DC information in DNS.

                   

                  If you need to correct/update the "Preferred DC" data, you'll need to remove the existing domain declaration from the management group (select the domain, click on <Remove>), and then re-ADD the domain with the correct "Preferred Domain Controller" data.

              • Re: Credential rings are not functioning
                xiudo

                It turns out i did not have the "Preferred domain controller set"