Symantec Endpoint Encryption Management Server error: "The global catalog server could not be contacted using the designated protocol..."
Article ID: 152453
Updated On:
Products
Endpoint Encryption
Issue/Introduction
Why can't I add an Active Directory (AD) Synchronization account to my Symantec Endpoint Encryption Management Server (SEEMS)?
Symptoms
When attempting to add an Active Directory Synchronization account in the Symantec Endpoint Encryption Management Server, the following error occurs: "The global catalog server could not be contacted using the designated protocol, global catalog server name forest name, and AD synchronization account. Check your entries and try again."
Symptoms
When attempting to add an Active Directory Synchronization account in the Symantec Endpoint Encryption Management Server, the following error occurs: "The global catalog server could not be contacted using the designated protocol, global catalog server name forest name, and AD synchronization account. Check your entries and try again."
- The User Domain value provided on the setup form is entered as a Fully Qualified Domain Name (FQDN).
Cause
The User Domain entry is used by the server to build a login string to authenticate to Active Directory. Active Directory requires a NETBIOS Domain Name for authentication purposes (i.e. mydomain\myuser instead of mydomain.com\myuser). Providing a Fully Qualified Domain name in the User Domain field will cause the SEEMS to fail to authenticate to the Active Directory Global Catalog server.
Resolution
Provide the NETBIOS name for the domain in the User Domain field when configuring Active Directory Synchronization.
Feedback
Yes
No
Powered by
