Error: "The given servers are not operational" appears when adding domains or domain controllers in Domains & Accounts

Error: "The given servers are not operational" appears when adding domains or domain controllers in Domains & Accounts

Issue description  

While adding a domain or domain controller (DC) in EventLog Analyzer's Domains and Accounts section and updating the setting, an error popup will display "The given servers are not operational," even if the domain status is active. The image below is for your reference.

Possible causes  

  • Incorrect server name might have been entered while configuring.
  • Already added DCs in the product might be decommissioned in your native Active Directory.
  • Network or port connectivity might be disrupted between the server EventLog Analyzer is installed on and the added DCs of your Active Directory or between your primary DC and other DCs.
  • Ensure the server EventLog Analyzer is installed on is using the correct DNS server, one that can resolve the DC hostname.

Prerequisites  

  • Ensure that the LDAP ports are opened/enabled in the firewall rules of both the server EventLog Analyzer is installed on and the DCs that are about to be added with the status "Allowed, not restricted."
  • Test the network/port connectivity between the server EventLog Analyzer is installed on and the DCs using the appropriate ping and Telnet commands (listed in Step 3).
  • Verify that the domain is successfully accessible from the server EventLog Analyzer is installed on.
  • Validate that the endpoint DCs are up and running as intended.

Steps to follow  

Step 1: Update the domain admin credentials in the Domains and Accounts settings, as per these instructions.
Step 2: Reload the domain objects once for the domain for which the issue occurred. The images below provide an example of how this can be done.
Step 3: After ensuring that the LDAP ports are opened/enabled in both EventLog Analyzer and the endpoint DC, execute the following ping and Telnet command from the EventLog Analyzer installed server.
  • Ping command: ping <servername or IP address or FQDN>
    • Specify the details of the endpoint DC.
  • Telnet command: TNC <servername or IP address or FQDN> -p 389 
    • Specify the details of the endpoint DC.
  • The images provided below are for your reference.
Step 4: Verify manually by executing the following LDAP query:
  • "[adsi]'LDAP://CN=DC01,OU=Domain Controllers,DC=testdomain,DC=com"
  • Where CN=domain controller and DC=domain name
  • If the domain name is zoho.com, then we have to mention two DCs: DC=zoho and DC=com
  • If the domain name is csez.zoho.com, then you have to mention three DCs: DC=csez, DC=zoho, DC=com
  • The below image is for your reference.
If the above steps are successful and still not able to add domain, download the Microsoft tool here to troubleshoot further.
Steps to run the ADExplorer tool 
Step 1: Download the tool and unzip the file in the server EventLog Analyzer is installed on.
Step 2: If your machine is 64bit architecture, open the ADExplorer64.exe file; otherwise, open ADExplorer.exe.
Step 3: Once the tool is opened, enter the required details (i.e.domain controller name, username, and password), then click Okay.
The below image is for your reference.

Successful connection
 
If the pre-requisites mentioned earlier are met, it will connect to the AD database; otherwise, an error will be prompted accordingly.
The following image is an example of what a successful connection looks like. 
 Failed connections scenarios 
Case 1 
You will get the "The Server is not operational" error when port 389 or 135 is blocked, the domain is not accessible, or there are any network connectivity issues.
The below image is for your reference.
Case 2 
When the username or password is incorrect, you will get the error "User Name/Password is wrong" or an "authentication wrong" pop-up in EventLog Analyzer.

Tips  

  • Update the domain admin credentials in the product as soon as it is updated in your native Active Directory.
  • Practice to remove the stale/decommissioned DCs from the product for seamless functionality.
  • Ensure the port/protocol restrictions are not inflicted via GPOs to block the connectivity from and to your EventLog Analyzer server.

Related articles  

  1. Domain and Accounts | Admin Settings | ManageEngine EventLog Analyzer Help
  2. Prerequisites

How to contact support    

  • After following the resolution steps, if the issue persists, please share with us the detailed steps you followed, along with all of the relevant screenshots to understand your standpoint better and provide an accurate solution.
  • We might require the product logs for further investigation of this issue. It will be prompted by one of our technical engineers if it is needed.
    • EventLog Analyzer product logs: <dir>: ManageEngine\EventLog Analyzer\logs
Support Channels:
Toll-Free (US): +1 844 649 7766
Request Support PortalSupport :: EventLog Analyzer

                  New to ADSelfService Plus?