Error: Server Not Operational
Issue description
When using ADManager Plus, you may encounter the following error:
Server Not Operational
This issue prevents ADManager Plus from retrieving or modifying AD objects, impacting user management and automation tasks.
Possible causes
- Network restrictions: Required network ports for communication with the domain controller are blocked.
- DNS configuration issues: DNS settings on the ADManager Plus server are misconfigured.
- Permission issues: The service account used in ADManager Plus lacks the necessary permissions.
- Connectivity issues: There are connectivity issues between ADManager Plus and the domain controller in a DMZ environment.
Prerequisites
- Ensure you have administrator access to check domain controller status.
- Verify that the ADManager Plus server has network access to the domain controller.
Resolution
Step 1: Check network connectivity
- From the ADManager Plus server, test connectivity to the domain controller using:
- Test-NetConnection -ComputerName <DomainControllerFQDN> -Port 389
- Ensure the following ports are open between ADManager Plus and the domain controller:
- LDAP: 389 (TCP)
- LDAPS: 636 (TCP) (if using SSL)
- Global Catalog: 3268 (TCP)/3269 (TCP for SSL)
- Kerberos Authentication: 88 (TCP/UDP)
- SMB: 445 (TCP)
- If any ports are blocked, allow them through your firewall.
Step 2: Use DMZ Port Analyzer to diagnose issues (if in a DMZ)
- Enter the hostname or IP address of the domain controller.
- The second screen will display the status of ports specific to ADManager Plus.
- Review the list of required ports and confirm they are open for proper ADManager Plus functionality.
- If ports are blocked, update your firewall settings accordingly.
Tips
- Prefer LDAPS (636) over LDAP (389) to ensure encrypted communication.
- Restrict access to necessary services and avoid exposing them publicly.
- Grant only the minimum permissions required for a service's account.
- Regularly review authentication and access logs for anomalies.
- Keep the mail server, OS, and related services updated to patch vulnerabilities.
- Validate any configuration changes in a test environment before applying them in production.
How to reach support
New to ADSelfService Plus?
Related Articles
Error Code : 8007001f
Error Code: When I create/modify a user, I get the following error " A device attached to the system is not functioning - Error Code : 8007001f " Possible Root Cause: The root cause could be the non-operational DC's present in the domain or network ...Error code: 80072035 - Error in setting the password, The server is unwilling to process the request.
Error : Error in setting the password, The server is unwilling to process the request. Possible Cause : This error occurs directly from AD and it could be due to any of the following conditions, An attempt to set a value for an attribute that does ...Error Message: Couldn't establish the establish database connection. Unknown server host name.
Error Message: Couldn't establish the establish database connection. Unknown server host name. Possible Cause: 1. Database is offline. 2. Renamed database files. 3. Moved the database to a new server. 4. Correct ODBC version is not installed on the ...Error: Port 80 already in use. Change WebServer port in <ProductHome>/conf/server.xml
Error Message- Error: Port 80 already in use. Change WebServer port in <ProductHome>/conf/server.xml Possible Root Cause: This error message can be found in ADManager Plus, wrapper log file. This error message shows when ADManager Plus cannot start ...Error: No Skype for Business/Lync Server found when creating user using Create Single User feature.
Error Message: No Skype for Business/Lync Server found when creating a user using the Create Single User feature. Possible Cause: The technician account or the service account configured in Domain/Tenant Settings might not have necessary rights or ...