The following error appears when importing from an AD source under Directory Connections:
Level: SEVERE
Source: com.vontu.enforce.domainlayer.datauser.source.DataUserSyncTask
Message: User Synchronization failed:
Cause:
org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: DomainDnsZones.<Example>.com:389 [Root exception is java.net.UnknownHostException: DomainDnsZones.<Example>.com]]
Release : 15.x, 16.x
The Enforce server is unable to resolve the logon server at DomainDnsZones.<Example>.com. This name must resolve in order for DLP to use AD sources.
Method 1: Update the DNS
Work with domain administrators and ensure that the LDAP server is updating the forward lookup for DomainDnsZones. Also verify that the Enforce server is pointed to the DNS server on which the LDAP server is updating its record.
Method 2: Modify the Hosts file on the Enforce server and point it to the logon server
1. Open a command prompt and type "echo %logonserver%". This displays the server name of the logon server.
2. Ping the server name from step 1
3. On the Enforce server edit the hosts file under \Windows\System32\Drivers\etc
4. Add the record to the hosts file in the correct format using the IP address from step 2. For example: 10.10.5.200 DomainDnsZones.Example.com
5. Save the hosts file
6. Verify you can ping DomainDnsZones.Example.com
If step 6 is successful, retry the import from the AD source.
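The verification in Method 2 can be run as a single check on the Enforce server that also tests the LDAP port named in the error. This is an added example, not vendor code; the function name Test-DirectoryHostResolution and its output fields are hypothetical, and DomainDnsZones.Example.com is the placeholder name used above.

```powershell
# Added example, not vendor code. Function name and output fields are hypothetical.
function Test-DirectoryHostResolution {
    param(
        [Parameter(Mandatory)][string]$Name,  # e.g. DomainDnsZones.Example.com
        [int]$Port = 389                      # port shown in the error message
    )

    # 1. Resolve through the OS resolver, which honours the hosts file (as ping does).
    $addresses = @()
    try {
        $addresses = @([System.Net.Dns]::GetHostAddresses($Name) |
            ForEach-Object { $_.IPAddressToString })
    } catch {
        # A failure here corresponds to the UnknownHostException in the log.
    }

    # 2. List any static hosts-file entries for the name, so an override is visible.
    $hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
    $hostsEntries = @()
    if (Test-Path $hostsPath) {
        $pattern = "\s$([regex]::Escape($Name))(\s|#|$)"
        $hostsEntries = @(Get-Content $hostsPath |
            Where-Object { $_ -notmatch '^\s*#' -and $_ -match $pattern })
    }

    # 3. Test TCP reachability of the LDAP port on every resolved address.
    $ldap = foreach ($ip in $addresses) {
        $r = Test-NetConnection -ComputerName $ip -Port $Port -WarningAction SilentlyContinue
        [pscustomobject]@{ Address = $ip; TcpOpen = $r.TcpTestSucceeded }
    }

    [pscustomobject]@{
        Name             = $Name
        Resolved         = ($addresses.Count -gt 0)
        Addresses        = $addresses
        HostsFileEntries = $hostsEntries
        Ldap             = $ldap
    }
}

Test-DirectoryHostResolution -Name 'DomainDnsZones.Example.com' | Format-List
```

A hosts-file entry is static, so if HostsFileEntries is populated and TcpOpen is False, compare the entry against the current address of the logon server.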