Can not join ProxySG to the domain with error LW_ERROR_LDAP_CONSTRAINT_VIOLATION
search cancel

Can not join ProxySG to the domain with error LW_ERROR_LDAP_CONSTRAINT_VIOLATION

book

Article ID: 174791

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

You receive the error LW_ERROR_LDAP_CONSTRAINT_VIOLATION when trying to rejoin the ProxySG to the domain.

Cause

Duplicate objects in Active Directory due to domain controller replication conflicts.

Resolution

  1. Delete all the computer accounts from AD
    • The main account
    • Any account with the name proxyCNF:<objectID>
    • Any $DUPLICATE-#####$ account name if the SG has that as its SG computer DN (conf t > security > windows-domains > edit Domain Name  > view)
  2. Force replication across domain controllers so they are deleted on all.
  3. Join the proxy to the domain
  4. Force replication across domain controllers to avoid a duplicate account being created again
Powered by Wolken Software