Identity Service Sync error: "The server is not operational"
KBS100266
PRODUCTIssue
The following error is raised each time the Identity Sync Service tries to sync against an Active Directory Provider:
Error - The server is not operational.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at SourceCode.Sync.Providers.AD.K2ActiveDirectorySearch.<FindAll>d__10.MoveNext()
at SourceCode.Sync.Providers.AD.Provider.<SyncAsync>d__22.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
Symptoms
The error can be viewed in the HostServer Log and in the [SyncEngine].[RunHistory] table.
Troubleshooting Steps
This can be caused by the LDAP Paths being configured to run with Global Catalog (GC://) when Global Catalog has been switched off in the Active Directory Domain Server.
If Global Catalog has been enabled in Active Directory Domain Server, the connection string can be configured either to use LDAP or Global Catalog. However, if this is not enabled you can only use LDAP.
More information can be found here: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/ad-forest-recovery-remove-gc
To change from Global Catalog to LDAP in K2, please follow the following steps:
- Open K2 Management and expand Users
- Expand the K2 node and click on Domains
- Select the Net Bios Name and click Edit
- Update the path in the LDAP Path text box and select OK.