Why is ADManager Plus not detecting domain controllers?
Issue description
ADManager Plus fails to detect domain controllers (DCs). This issue prevents administrators from performing user and group management, policy enforcement, or other Active Directory (AD) related operations.
This issue can be identified through error messages such as The given server is not operational, missing DCs in the ADManager Plus console, or failed synchronization with AD.
Possible causes
Network connectivity issues: Firewalls or network configurations blocking communication between ADManager Plus installed server and DCs.
Incorrect permissions: The service account lacks permissions to query DCs.
DNS misconfiguration: DCs not registered in DNS or incorrect DNS records.
DC issues: DCs offline, demoted, or improperly configured.
Prerequisites
Administrative access to ADManager Plus and DC.
Resolution
Step 1: Verify network connectivity
Ping the DC from the ADManager Plus server and run <DC_IP_or_Hostname>
Ensure ports like 389 (LDAP), 636 (LDAPS), and 3268 (Global Catalog) are open. Test with, TNC <DC_IP> 389.
If the ports are closed, create a firewall inbound rule to allow traffic.
Step 2: Check connection between ADManager Plus and DC
Download the DMZ Port Analyzer link and launch the application.
Enter the hostname or IP address of the DC.
The second screen will display the status of ports specific to ADManager Plus.
Review the list of required ports and confirm they are Open for proper ADManager Plus functionality.
If ports are blocked, update your firewall settings accordingly.
Step 3: Validate DNS configuration
Use nslookup to verify that the domain controller is resolving to the correct IP address:
Open Command Prompt on the ADManager Plus server.
Run nslookup <DomainControllerName> to check the IP address of the DC.
Ensure that the returned IP address matches the expected IP of the DC.
If the IP is incorrect or not resolving, check the DNS settings on the ADManager Plus server and ensure it is using the correct DNS server (preferably a DC).
Step 4: Reconfigure the domain controller list
Log in to ADManager Plus.
Navigate to Directory/Application settings > Active Directory.
Edit the domain and click Discover Now or Add More DCs.
Provide the service account password and click Update.
Related topics and articles
Tips
Monitor DC health using tools like dcdiag.
Keep ADManager Plus updated for bug fixes.
How to reach support
If the issue persists, contact our support team here.New to ADSelfService Plus?
Related Articles
How to change the domain controller used by ADManager Plus
Objective In certain scenarios, such as slow response times, site-specific configurations, or compliance requirements, you may need to change the domain controller (DC) that ADManager Plus uses for Active Directory operations like user provisioning, ...Why aren't AD objects showing up after adding a domain in ADManager Plus?
Issue description After adding a new domain in ADManager Plus, you may find that directory objects such as users, groups, computers, or OUs are not being retrieved. Although the domain appears in the configured list, no data is displayed for ...Password Policy report in ADManager Plus
The Password Policy report in ADManager Plus is generated by querying the LDAP attributes of the domain object, such as minPwdAge, maxPwdAge, minPwdLength, pwdHistoryLength, and pwdProperties. These attributes are determined by the Group Policy ...Unable to generate the DC replication report in ADManager Plus
Issue description The DC Replication Status report in ADManager Plus is essential for monitoring the health and status of AD replication across domain controllers. This report helps administrators identify replication issues, detect inconsistencies, ...How to host ADManager Plus on Microsoft Azure
Objective Organizations looking to modernize their infrastructure often ask whether ADManager Plus can be hosted on Microsoft Azure. Hosting ADManager Plus on Azure helps centralize Active Directory management, improve availability, and support ...