This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issue ADSYNc Active Directory sinchronization failed

HI team

How are you? I need your help me, about I have a problem with a Active Directory Sinchronization, because at this moment I oppressed the key "Preview and Sync". It shows on the application "sync finished with errors" and the next logs :

10:31:30.249 a.m. Error [Th 12] Active Directory synchronization failed. Reason: SophosCloudADSyncLib.DisplayableException: Error making a request over LDAP. Please review the connection settings you specified. The LDAP server returned the following error: 0000208D: NameErr: DSID-03100241, problem 2001 (NO_OBJECT), data 0, best match of:
'OU=CSF,DC=csf,DC=local'
---> System.DirectoryServices.Protocols.DirectoryOperationException: The object does not exist.
at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at SophosCloudADSyncLib.LdapRequestCommand.SyncExeImpl(Object runtimeArg)
--- End of inner exception stack trace ---
at SophosCloudADSyncLib.LdapRequestCommand.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosCloudADSyncLib.LdapSearchCommand.searchLdap(SearchParams searchParams)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosADSync.GetAllADEntriesCommand.GetEntries(String defaultFilter, String additionalFilter, String searchItemName, SearchBase searchBase, String[] searches, HashSet`1 mailboxes)
at SophosADSync.GetAllADEntriesCommand.GetMailboxes(SearchBase searchBase, HashSet`1 mailboxes)
at SophosADSync.GetAllADEntriesCommand.GetObjectsInTree[T](LDAPFilters ldapFilter, SearchBase searchBase, HashSet`1 objects, GetObjects`1 getObjectsDelegate)
at SophosADSync.GetAllADEntriesCommand.GetObjectsInForest[T](LDAPFilters ldapFilter, HashSet`1 objects, GetObjects`1 getObjectsDelegate)
at SophosADSync.GetAllADEntriesCommand.GetObjectsInForest[T](LDAPFilters ldapFilter, GetObjects`1 getObjectsDelegate)
at SophosADSync.GetAllADEntriesCommand.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosADSync.GetChangesCmd.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosADSync.ADSyncCommand.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosADSync.ChangeStateAndADSyncCommand.SyncExeImpl(Object runtimeArg)
10:31:30.249 a.m. Error [Th 12] Context for failure: RecurringCommand=>ScheduledCommand=>ChangeStateAndADSyncCommand=>ADSyncCommand=>GetChangesCmd=>GetAllADEntriesCommand=>LdapSearchCommand=>LdapRequestCommand(707)

10:32:33.359 a.m. Error [Th 12] Active Directory synchronization failed. Reason: System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at CommandLib.HttpRequestCommand.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at CommandLib.RetryableCommand.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosADSync.SophosCloudWebClient.MakeRequest(String address, HttpMethod method, Byte[] data, Dictionary`2 headers, Int32 maxRetries)
at SophosADSync.SophosCloudWebClient.MakeRequest[T](String address, HttpMethod method, Byte[] data, Dictionary`2 headers, Int32 maxRetries)
at SophosADSync.SophosCloudWebClient.SubmitPreviewSyncData(LDAPData ldapData, Boolean writeToDisk)
at SophosADSync.ADSyncCommand.PreviewSync(LDAPData ldapData, Boolean isManualSync)
at SophosADSync.ADSyncCommand.SyncExeImpl(Object runtimeArg)
at CommandLib.Command.BaseSyncExecute(Object runtimeArg, Command owner)
at SophosADSync.ChangeStateAndADSyncCommand.SyncExeImpl(Object runtimeArg)
10:32:33.359 a.m. Error [Th 12] Context for failure: RecurringCommand=>ScheduledCommand=>ChangeStateAndADSyncCommand=>ADSyncCommand=>RetryableCommand=>HttpRequestCommand(814)



This thread was automatically locked due to age.
  • Hi There,

    If you have a custom filter defined in AD Sync tool, and that OU is removed from Active Directory afterward, you will see the following errors:


    Failed active directory synchronization. Reason: SophosCloudADSyncLib.DisplayableException: Error making a request over LDAP. Please review the connection settings you specified. The LDAP server returned the following error: 0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:
    System.DirectoryServices.Protocols.DirectoryOperationException: The object does not exist.


    The error does not reference the name of the removed OU. To resolve this error, you’ll need to review any filters you have set up under the AD Filters tab and the Define Filters button. Remove any filters referencing objects removed from your Active Directory and this issue will be solved.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids