Issue description  

Prerequisites

• The user account used for integration has domain administrator or equivalent permissions.
• The domain name is correctly entered (e.g., example.com and not example\com).
• The application server can communicate with the domain controllers over the required ports.

Possible causes  

• Active Directory Ports and Protocols Issues – Required ports for communication with Active Directory are not properly configured, leading to installation failures.
• Firewall and Security Restrictions – Firewall or security group rules are blocking the installation process.

• DNS Configuration Errors – Incorrect or misconfigured DNS settings prevent proper resolution of the installation path.

• Duplicate SPNs – Conflicting or duplicate Service Principal Names (SPNs) can interfere with authentication during installation.

• Insufficient Credentials and Permissions – The SYSTEM account or installer lacks the necessary permissions to write to the installation directory.

• Service-Related Issues – Dependent services required for installation are not running or need to be restarted.

Resolution

Step 1: Verify active directory ports and protocols

Note: If you are using Windows Firewall you can open dynamic ports, 49152-65535, on the monitored computers by enabling the inbound rules listed below.

Remote Event Log Management (NP-In)

Remote Event Log Management (RPC)

Remote Event Log Management (RPC-EPMAP)

To enable the above rules: Open Windows Firewall → Advanced settings → Inbound Rules → Right click on respective rule → Enable Rule.

Step 2: Check firewall and security group rules  

• Ensure the necessary inbound and outbound rules are enabled in the system firewall.
  
• Open Windows Firewall → Advanced settings → Inbound\outbound Rules (based on the port direction) → Right click on respective rule → Enable Rule.
• If using AWS/Azure, confirm security group rules allow traffic on these ports.
  

AWS – Check security group rules  

1. Go to the EC2 dashboard  

• Sign in to the AWS Management Console.

• Navigate to EC2 → Security Groups (under "Network & Security").

2. Locate the security group  

• Select the Security Group attached to your EC2 instance.

• You can find the SG name in your EC2 instance details under the Description tab.

3. Check inbound rules  

• Click on the Inbound rules tab.

• Look for entries that match the ports you want to verify

• Ensure:

• Protocol is correct (TCP/UDP).

• Port Range includes the desired port.

• Source allows the traffic (e.g., 0.0.0.0/0 for public access, or a specific IP range).

Azure – Check network security group (NSG) rules  

1. Go to azure portal  

• Log in to https://portal.azure.com.

• Navigate to Virtual Machines → Select your VM.

2. Find the NSG  

• Under the VM’s Networking section, locate the Network Interface or Subnet that the NSG is attached to.

• Click the NSG name to open it.

3. Check inbound security rules  

• Go to Settings → Inbound security rules.

• Review the list and ensure:

• Priority is low enough (lower numbers take precedence).

• Port matches the one required.

• Protocol is correct.

• Source is properly configured.

Step 3: Validate DNS configuration  

1. Open Command Prompt on the ADAudit Plus server.
   
2. Run the following command to check forward lookup:
3. nslookup <domain-name>
   

• Ensure that it resolves to the correct IP address.

4. Run the following command to check reverse lookup:
5. nslookup <domain-controller-IP>

• Ensure that it resolves to the correct hostname.

Step 4: Check and remove duplicate SPNs  

1. Open Command Prompt as an administrator.
   
2. Run the following command to check for duplicate SPNs:
3. setspn -Q */<TargetMachineHostname>
4. If duplicates exist, remove them using:
5. setspn -D <duplicateSPN> <MachineName>
   

Step 5: Verify credentials and permissions  

• Use a domain administrator account or an account with Read and Write permissions for Active Directory.
  
• Confirm that the account is not locked out or restricted by policies.
  

Step 6: Restart related services  

1. Restart the following services on the domain controller:
   
1. net stop netlogon
   net start netlogon
2. Restart the ADAudit Plus service:
1. net stop ADAuditPlus
   net start ADAuditPlus

Related topics and articles  

• Configuring ADAudit Plus for Active Directory
  

• Troubleshooting DNS and LDAP Issues

• Microsoft SPN Configuration Guide
  

How to reach support