Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Unable to add accounts from Active Directory (AD) in PortalProtect 2.5

    • Updated:
    • 25 Jul 2018
    • Product/Version:
    • PortalProtect 2.5
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2003 Standard
    • Windows 2008 Enterprise
    • Windows 2008 Standard
Summary

You can't add accounts when selecting them from AD.

Authentication

When you check the PP_Master log, you see the error below:

2018/07/03 14:04:01 GMT+8:00 [01872:00340] [ web_PageCB_QuarantineQuery.cpp( 240)] DEBUG ==>
CPageCB_QuarantineQuery::_GetSearchResult()
2018/07/03 14:04:01 GMT+8:00 [01872:00340] [ web_PageCB_QuarantineQuery.cpp( 242)] DEBUG AD-QStr: (&
(objectClass=user)(!(objectClass=computer))(|(cn=)(userPrincipalName=)(sn=)(givenName=)(displayName=)
(sAMAccountName=)(msRTCSIP-PrimaryUserAddress=sip:*)))
2018/07/03 14:04:01 GMT+8:00 [01872:00340] [ util_DirectoryHelper.cpp( 96)] DEBUG ==> GetRootGCPath
2018/07/03 14:05:18 GMT+8:00 [01872:00340] [ util_DirectoryHelper.cpp( 121)] DEBUG enumeration finished
2018/07/03 14:05:18 GMT+8:00 [01872:00340] [ util_DirectoryHelper.cpp( 165)] WARN !!! enumeration GC object
failed. hr = 1, lFetch = 0
2018/07/03 14:05:18 GMT+8:00 [01872:00340] [ util_DirectoryHelper.cpp( 178)] DEBUG 2018/07/03 14:05:18 GMT+8:00 [01872:00340] [ util_DirectoryHelper.cpp( 70)] DEBUG ==> GetGCFromRootDSE
2018/07/03 14:05:18 GMT+8:00 [01872:00340] [ util_DirectoryEntry.cpp( 407)] DEBUG ==>
_ADOpenObject(LDAP://rootDSE)
2018/07/03 14:06:53 GMT+8:00 [01872:00340] [ util_DirectoryEntry.cpp( 425)] WARN !!! _ADOpenObject error
=0x8007203a, path=LDAP://PP2010/rootDSE
2018/07/03 14:06:53 GMT+8:00 [01872:00340] [ util_DirectoryHelper.cpp( 90)] DEBUG 2018/07/03 14:06:53 GMT+8:00 [01872:00340] [ web_PageCB_QuarantineQuery.cpp( 389)] DEBUG IDN_TXT_SEARCH_KEYWORD success
2018/07/03 14:06:53 GMT+8:00 [01872:00340] [ web_PageCB_QuarantineQuery.cpp( 390)] DEBUG CPageCB_QuarantineQuery::_GetSearchResult()
Details
Public

This issue happens when Lightweight Directory Access Protocol (LDAP) port is disabled on the AD server. When this happens, the PortalProtect server has problems doing AD query because PortalProtect only supports LDAP. To resolve the issue, please enable LDAP port 389 on the AD server.

Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1120518
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.