Domain (joining) problems after up2date to 9.713-19

Hi everybody,

Yesterday I updated our UTM to 9.713-19 via up2date. After that, every two hours I got a message:

[WARN-531] Directory Services synchronization: There was an error synchronizing subscribed groups. The Sophos UTM will continue to operate with a locally cached copy of the data but will be unable to update from Directory Services until the issue is resolved.
Error was:
failed to get base dn of domain myfoo.bardomain.tld

Authentication Services -> Servers -> (my AD connection): both tests of the "bind dn" as well as the "base dn" were successful.

I then tried to re-join our domain via Authentication Services -> Single Sign On -> Active Directory SSO and now I always get "joining the domain failed".

I went through the domain joining checklist (DNS forwarders, request routing etc.), did internal and external DNS tests via the Sophos UTM support tools, checked the hostname DNS settings in our AD DNS and even deleted the old computer object created by the last successful domain join years ago.

I reapplied the latest up2date and rebooted the UTM.

No luck. I'm not able to join our UTM to our domain anymore.

Any pointers?

Kind regards



  • You are using a FQDN aren't you?  If that is truncated or incorrect, it can cause that error.  Could be a DNS issue as well.  Are you joining it using an account that has domain admin access?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi,

    I was wondering if there were any further updates to this thread. I was going to update our SG330 UTM and came across this discussion. We have our UTM connected to our local AD, so wondered if this was a common problem, or how it would affect us if I performed the update.

    Thanks,

    Pat.