Sophos AD Sync with error

Hi,

I initially set up AD Sync. Unfortunately the sync produces an error. It says a log file will be generated, but it was not. Any idea what to look for?

Gathering data from LDAP...
Checking for mailboxes on test.com with filter (&(objectClass=user)(mailNickname=*)(displayName=*)(!cn=HealthMailbox*)(proxyAddresses=*)(msExchDelegateListLink=*)(userAccountControl:1.2.840.113556.1.4.803:=2)(|(|(homeMTA=*)(homeMDB=*)(msExchHomeServerName=*))(&(objectClass=contact)(targetAddress=*))))
Checking for mailboxes with search base OU=USERS,OU=test,DC=test,DC=com
Got mailboxes with search base OU=USERS,OU=test,DC=test,DC=com
Checking for public folders on test.com with filter (&(objectCategory=PublicFolder)(proxyAddresses=*)(displayName=*))
Checking for public folders with search base DC=test,DC=com
Got public folders with search base DC=test,DC=com
Checking for users on test.com with filter (&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(!cn=HealthMailbox*)(!userAccountControl:1.2.840.113556.1.4.803:=2))
Checking for users with search base OU=USERS,OU=test,DC=test,DC=com
Got users with search base OU=USERS,OU=test,DC=test,DC=com
Checking for groups in the OU=Sophos_Groups,OU=Groups,OU=test,DC=test,DC=com domain with filter (&(objectCategory=group))
Got groups in the OU=Sophos_Groups,OU=Groups,OU=test,DC=test,DC=com domain
Sending data to Sophos Central to determine changes that would be applied.
Sending data to Sophos Central for reconciliation...
HTTP request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2 error Conflict: {} / 
Retrying request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2
HTTP request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2 error Conflict: {} / 
HTTP request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2 failed after 2 tries.
Synchronization failed: Synchronization failed. This is most often due to connectivity issues. Details about the error will be written to today's log file at C:\ProgramData\Sophos\Sophos Cloud AD Sync\Logs.

  • Hi

    Would you please check if these domains and ports are allowed in your network? Also, any specific error under C:\ProgramData\Sophos\Sophos Cloud AD Sync\Logs\ ? 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

     

  • Hi,

    There is no log under C:\ProgramData\Sophos\Sophos Cloud AD Sync\Logs\

    The firewall has no restrictions regarding ports and domains.

  • I am sorry, the folder was hidden.

    This is shown in the logs:

    11:15:52.904 	[Th 18] Request received to sync immediately
    11:15:52.904 	[Th 25] Changed state to Busy
    11:15:52.904 	[Th 25] Performing active directory synchronization using AD Sync version 3.5.2.19
    11:15:52.904 	[Th 25] Performing active directory synchronization using AD Sync version 3.5.2.19
    11:15:52.904 	[Th 25] Configuring secure Sophos Central connection
    11:15:53.733 	[Th 25] [Sessions: redirectTo=, token=QFEkpfdeQH1VVBtWwWX2EQdvaElT378m, csrf=bfa7ab9e-ba22-47c7-b195-d7f56d1415b5, apis=[Apis: upe=[ApiUris: url=https://amzn-eu-central-1-euc1business.api-upe.p.hmr.sophos.com/frontend, ng_url=https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api, fallback_url=/fp/2df862b6-afdc-4cd1-bc11-52c52545c9e4/api]], mfa_required=False]
    11:15:53.733 	[Th 25] Gathering data from LDAP...
    11:15:53.733 	[Th 25] *** System Info ***
    11:15:53.733 	[Th 25] 	Command Line: "C:\Program Files (x86)\Sophos\Cloud\AD Sync\SophosADSyncService.exe"
    11:15:53.733 	[Th 25] 	User Name: SYSTEM
    11:15:53.733 	[Th 25] 	Domain User Name: NT AUTHORITY\SYSTEM
    11:15:53.733 	[Th 25] 	Local Machine Name: HBVMDC02
    11:15:53.733 	[Th 25] 	User Domain Name: test
    11:15:53.733 	[Th 25] 	Processor Count: 4
    11:15:53.733 	[Th 25] 	Millisecond Uptime: 947638953
    11:15:53.733 	[Th 25] 	OS Version: Microsoft Windows NT 6.2.9200.0
    11:15:53.733 	[Th 25] 	Is 64bit OS: True
    11:15:53.733 	[Th 25] 	Is 64bit Process: True
    11:15:53.733 	[Th 25] 	Environment Version: 4.0.30319.42000
    11:15:53.733 	[Th 25] 	Working Directory: C:\Windows\system32
    11:15:53.733 	[Th 25] 	Local Time Zone: W. Europe Daylight Time (02:00:00)
    11:15:53.733 	[Th 25] 	Using Default Proxy for https://cloud.sophos.com: False
    11:15:53.733 	[Th 25] 	Using Default Proxy for https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api: False
    11:15:53.904 	[Th 25] Call home response: [CallHome: version=3.5.2.19, hash=, uri=https://downloads.sophos.com/full/central/adsync/targz/SophosCentralADSyncSetup.3.5.2.19.tar.gz, enabled=False]
    11:15:53.998 	[Th 25] Configuring secure Active Directory connection through LDAP
    11:15:53.998 	[Th 25] Checking to see if we have stored configuration for LDAP.
    11:15:53.998 	[Th 25] Using: C:\ProgramData\Sophos\Sophos Cloud AD Sync\LDAPSettings.dat
    11:15:53.998 	[Th 25] Checking to see if we have stored credentials for LDAP.
    11:15:53.998 	[Th 25] Using: C:\ProgramData\Sophos\Sophos Cloud AD Sync\LDAPCredentials.dat
    11:15:53.998 	[Th 25] LDAP credentials were restored from a file and decrypted successfully.
    11:15:53.998 	[Th 25] Creating LDAP connection to host HBVMDC02.test.com
    11:15:54.154 	[Th 25] *** LDAP SSL Information ***
    11:15:54.154 	[Th 25] 	Cipher Strength: 256
    11:15:54.154 	[Th 25] 	Exchange Strength: 256
    11:15:54.154 	[Th 25] 	Protocol: 2048
    11:15:54.154 	[Th 25] 	Hash Strength: 384
    11:15:54.154 	[Th 25] 	Algorithm: Aes256
    11:15:54.154 	[Th 25] 	Key Exchange Algorithm: 44550
    11:15:54.154 	[Th 25] Searching LDAP under  for (objectClass=*).
    11:15:54.154 	[Th 25] Page:1 contains 1 response entries
    11:15:54.154 	[Th 25] The result set was not paged.
    11:15:54.154 	[Th 25] Search returned 1 records.
    11:15:54.154 	[Th 25] Searching LDAP under  for (objectClass=*).
    11:15:54.154 	[Th 25] Page:1 contains 1 response entries
    11:15:54.154 	[Th 25] The result set was not paged.
    11:15:54.154 	[Th 25] Search returned 1 records.
    11:15:54.154 	[Th 25] Searching LDAP under CN=Partitions,CN=Configuration,DC=test,DC=com for (netbiosname=*).
    11:15:54.170 	[Th 25] Page:1 contains 1 response entries
    11:15:54.170 	[Th 25] Last page detected in LDAP result.
    11:15:54.170 	[Th 25] The result set was not paged.
    11:15:54.170 	[Th 25] Search returned 1 records.
    11:15:54.170 	[Th 25] Found netbios name test for DC=test,DC=com
    11:15:54.170 	[Th 25] Checking for mailboxes on test.com with filter (&(objectClass=user)(mailNickname=*)(displayName=*)(!cn=HealthMailbox*)(proxyAddresses=*)(msExchDelegateListLink=*)(userAccountControl:1.2.840.113556.1.4.803:=2)(|(|(homeMTA=*)(homeMDB=*)(msExchHomeServerName=*))(&(objectClass=contact)(targetAddress=*))))
    11:15:54.170 	[Th 25] Checking for mailboxes with search base OU=USERS,OU=BASEL,DC=test,DC=com
    11:15:54.170 	[Th 25] Searching LDAP under OU=USERS,OU=BASEL,DC=test,DC=com for (&(objectClass=user)(mailNickname=*)(displayName=*)(!cn=HealthMailbox*)(proxyAddresses=*)(msExchDelegateListLink=*)(userAccountControl:1.2.840.113556.1.4.803:=2)(|(|(homeMTA=*)(homeMDB=*)(msExchHomeServerName=*))(&(objectClass=contact)(targetAddress=*)))).
    11:15:54.217 	[Th 25] Page:1 contains 0 response entries
    11:15:54.217 	[Th 25] Last page detected in LDAP result.
    11:15:54.217 	[Th 25] The result set was not paged.
    11:15:54.217 	[Th 25] Search returned 0 records.
    11:15:54.217 	[Th 25] Got mailboxes with search base OU=USERS,OU=BASEL,DC=test,DC=com
    11:15:54.217 	[Th 25] Checking for public folders on test.com with filter (&(objectCategory=PublicFolder)(proxyAddresses=*)(displayName=*))
    11:15:54.217 	[Th 25] Checking for public folders with search base DC=test,DC=com
    11:15:54.217 	[Th 25] Searching LDAP under DC=test,DC=com for (&(objectCategory=PublicFolder)(proxyAddresses=*)(displayName=*)).
    11:15:54.233 	[Th 25] Page:1 contains 0 response entries
    11:15:54.233 	[Th 25] Last page detected in LDAP result.
    11:15:54.233 	[Th 25] The result set was not paged.
    11:15:54.233 	[Th 25] Search returned 0 records.
    11:15:54.233 	[Th 25] Got public folders with search base DC=test,DC=com
    11:15:54.233 	[Th 25] Checking for users on test.com with filter (&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(!cn=HealthMailbox*)(!userAccountControl:1.2.840.113556.1.4.803:=2))
    11:15:54.233 	[Th 25] Checking for users with search base OU=USERS,OU=BASEL,DC=test,DC=com
    11:15:54.233 	[Th 25] Searching LDAP under OU=USERS,OU=BASEL,DC=test,DC=com for (&(objectCategory=person)(objectClass=user)(!sAMAccountType=805306370)(!cn=HealthMailbox*)(!userAccountControl:1.2.840.113556.1.4.803:=2)).
    11:15:54.280 	[Th 25] Page:1 contains 100 response entries
    11:15:54.295 	[Th 25] Page:2 contains 25 response entries
    11:15:54.295 	[Th 25] Last page detected in LDAP result.
    11:15:54.295 	[Th 25] The result set was not paged.
    11:15:54.295 	[Th 25] Search returned 125 records.
    11:15:54.295 	[Th 25] Got users with search base OU=USERS,OU=BASEL,DC=test,DC=com
    11:15:54.311 	[Th 25] Checking for groups in the OU=Sophos_Groups,OU=Groups,OU=Basel,DC=test,DC=com domain with filter (&(objectCategory=group))
    11:15:54.311 	[Th 25] Searching LDAP under OU=Sophos_Groups,OU=Groups,OU=Basel,DC=test,DC=com for (&(objectCategory=group)).
    11:15:54.326 	[Th 25] Page:1 contains 0 response entries
    11:15:54.326 	[Th 25] Last page detected in LDAP result.
    11:15:54.326 	[Th 25] The result set was not paged.
    11:15:54.326 	[Th 25] Search returned 0 records.
    11:15:54.326 	[Th 25] Got groups in the OU=Sophos_Groups,OU=Groups,OU=Basel,DC=test,DC=com domain
    11:15:54.326 	[Th 25] 125 users
    11:15:54.326 	[Th 25] 0 mailboxes
    11:15:54.326 	[Th 25] 0 groups
    11:15:54.326 	[Th 25] 0 public folders
    11:15:54.326 	[Th 25] 125 total records
    11:15:54.326 	[Th 25] Sending data to Sophos Central to determine changes that would be applied.
    11:15:54.326 	[Th 25] Sync: Compressed JSON from: 80874 bytes, to: 16244 bytes.
    11:15:54.326 	[Th 25] Adding header: X-Uncompressed-Content-Length with value: 80874
    11:15:59.998 	[Th 25] Sending data to Sophos Central for reconciliation...
    11:16:00.014 	[Th 25] Sync: Compressed JSON from: 80874 bytes, to: 16244 bytes.
    11:16:00.014 	[Th 25] Adding header: X-Uncompressed-Content-Length with value: 80874
    11:16:00.123 	[Th 25] HTTP request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2 error Conflict: {} / 
    11:16:00.123 	[Th 25] Retrying request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2
    11:16:00.498 	[Th 25] HTTP request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2 error Conflict: {} / 
    11:16:00.498 	[Th 25] HTTP request to https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api/adsync/sync/v2 failed after 2 tries.
    11:16:00.498 	[Th 25] Failed active directory synchronization. Reason: System.Net.Http.HttpRequestException ---> CommandLib.HttpRequestCommand+HttpStatusException: Exception of type 'CommandLib.HttpRequestCommand+HttpStatusException' was thrown.
       --- End of inner exception stack trace ---
       at CommandLib.HttpRequestCommand.EnsureSuccessStatusCodeResponseChecker.CheckResponse(HttpResponseMessage response)
       at CommandLib.HttpRequestCommand.SyncExeImpl(Object runtimeArg)
       at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
       at CommandLib.RetryableCommand.SyncExeImpl(Object runtimeArg)
       at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
       at SophosADSync.SophosCloudWebClient.MakeRequest(String address, HttpMethod method, Byte[] data, Dictionary`2 headers, Int32 maxRetries)
       at SophosADSync.SophosCloudWebClient.PerformSync(LDAPData ldapData, Boolean writeToDisk)
       at SophosADSync.ADSyncCommand.SyncExeImpl(Object runtimeArg)
       at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
       at SophosADSync.ChangeStateAndADSyncCommand.SyncExeImpl(Object runtimeArg)
    11:16:00.498 	[Th 25] Context for failure: RecurringCommand=>ScheduledCommand=>ChangeStateAndADSyncCommand=>ADSyncCommand=>RetryableCommand=>HttpRequestCommand(325)
    11:16:01.264 	[Th 25] [Sessions: redirectTo=, token=Lnzdw4omWWPV7x1q7v1bJz2sSEXZ1nFF, csrf=5a6fd1ca-db74-4777-860f-5851c0ec2948, apis=[Apis: upe=[ApiUris: url=https://amzn-eu-central-1-euc1business.api-upe.p.hmr.sophos.com/frontend, ng_url=https://api-CloudStation-eu-central-1.prod.hydra.sophos.com/api, fallback_url=/fp/2df862b6-afdc-4cd1-bc11-52c52545c9e4/api]], mfa_required=False]
    11:16:01.498 	[Th 25] Changed state to Idle
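
Added example, not part of the original posts and not Sophos code: a small Python triage for a log in the layout posted above. It pulls out the HTTP status names (`Conflict` is HTTP 409, so an HTTP response did come back), the retry outcome and the exception frames, and masks the `token=` and `csrf=` session values so the log can be shared. The sample lines, host name and values are constructed.

```python
import re

# Constructed sample in the layout of the posted log (time, tab, [Th N], message).
# Host name, token and csrf values are placeholders, not real data.
SAMPLE_LOG = """\
11:15:53.733 \t[Th 25] [Sessions: redirectTo=, token=EXAMPLETOKEN0000, csrf=00000000-0000-0000-0000-000000000000, mfa_required=False]
11:15:54.326 \t[Th 25] 125 total records
11:16:00.123 \t[Th 25] HTTP request to https://central.example.invalid/api/adsync/sync/v2 error Conflict: {} /
11:16:00.123 \t[Th 25] Retrying request to https://central.example.invalid/api/adsync/sync/v2
11:16:00.498 \t[Th 25] HTTP request to https://central.example.invalid/api/adsync/sync/v2 error Conflict: {} /
11:16:00.498 \t[Th 25] HTTP request to https://central.example.invalid/api/adsync/sync/v2 failed after 2 tries.
11:16:00.498 \t[Th 25] Failed active directory synchronization. Reason: System.Net.Http.HttpRequestException
   at CommandLib.HttpRequestCommand.SyncExeImpl(Object runtimeArg)
11:16:01.498 \t[Th 25] Changed state to Idle
"""

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3})\s+\[Th (\d+)\] (.*)$")
HTTP_ERR = re.compile(r"HTTP request to (\S+) error (\w+):")
GAVE_UP = re.compile(r"HTTP request to (\S+) failed after (\d+) tries")
SECRET = re.compile(r"\b(token|csrf)=[^,\]\s]+")
REASON = "Failed active directory synchronization. Reason: "

def redact(text):
    """Mask session token and CSRF values before the log leaves the host."""
    return SECRET.sub(r"\1=<redacted>", text)

def triage(text):
    """Collect HTTP errors, exhausted retries and the failure reason with its frames."""
    report = {"http_errors": [], "gave_up": [], "reason": None, "stack": []}
    in_failure = False
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:  # continuation line, e.g. a .NET stack frame
            if in_failure and raw.strip().startswith("at "):
                report["stack"].append(raw.strip())
            continue
        ts, _thread, msg = m.groups()
        in_failure = msg.startswith(REASON)
        if in_failure:
            report["reason"] = msg[len(REASON):]
        elif (e := HTTP_ERR.match(msg)):
            report["http_errors"].append((ts, e.group(1), e.group(2)))
        elif (g := GAVE_UP.match(msg)):
            report["gave_up"].append((g.group(1), int(g.group(2))))
    return report

if __name__ == "__main__":
    print(redact(SAMPLE_LOG))
    print(triage(SAMPLE_LOG))
```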
    

  • To be a little more specific: we use UTM with a transparent proxy, but the host where AD Sync is installed is in the skip list.

  • Do I need to open an official case with Sophos to get this settled?

  • Hi

    If you trigger the sync manually, is it successful? In the AD Sync tool, do you have it configured to use API credentials or a Central Admin account? See "Sophos Central: How to set up Active Directory Sync using either API credential or Administrator account". Also, please confirm if MFA is enabled. Previously we have seen issues when using accounts that are using Federated sign-in.

    Shweta


  • I use a user without MFA. This account is a superadmin.

  • Hi

    In that case, this would require in-depth investigation. Could you please open a support case and PM me the case number once done?

    Shweta
