While setting up a method to interface with the Symantec Endpoint Protection Manager (SEPM) API you use an admin account which is set for AD Authentication. The API returns errors generating the access token.
Invalid response code 400 while generating oauth access token
EXCEPTION: Invalid Username or Password or the account is locked!
Sample log entry from the SEPM - semapisrv_log.2019-03-14.0.log:
2019-03-14 12:54:30,927 [http-apr-0.0.0.0-8446-exec-8] WARN c.s.s.server.module.login.ldap.LdapUtils - LdapUtils>> connectWithSimpleLoginForAD: Error-> failed to retrieve RootDSE from url=LDAPS://<subdomain>.<domain>.com:636!
2019-03-14 12:54:30,927 [http-apr-0.0.0.0-8446-exec-8] ERROR c.s.s.server.module.login.ldap.LdapManager - LdapUtils>> login: Error during login...
javax.naming.CommunicationException: <subdomain>.<domain>.com:636
There can be multiple causes for this: