Error "UnknownHostException: DomainDnsZones.<Example>.com:389" when adding / importing AD Source Directory connection



Article ID: 268044


Products

Data Loss Prevention Core Package

Issue/Introduction

The following error appears when importing from an AD source under Directory Connections:

Level: SEVERE
Source: com.vontu.enforce.domainlayer.datauser.source.DataUserSyncTask
Message: User Synchronization failed:
Cause:
org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: DomainDnsZones.<Example>.com:389 [Root exception is java.net.UnknownHostException: DomainDnsZones.<Example>.com]]

Environment

Release : 15.x, 16.x

Cause

The Enforce server is unable to resolve the login server at DomainDnsZones.<Example>.com. DLP requires this name to resolve in order to use AD sources.

Resolution

Method 1: Update the DNS

Work with the domain administrators to ensure that the LDAP server is updating the forward lookup record for DomainDnsZones. Also verify that the Enforce server is pointed to the DNS server on which the LDAP server updates its record.

Method 2: Modify the Hosts file on the Enforce server and point it to the logon server

1. Open a command prompt and type "echo %logonserver%". This displays the server name of the logon server.

2. Ping the server name from step 1

3. On the Enforce server edit the hosts file under \Windows\System32\Drivers\etc

4. Add the record to the hosts file in the correct format, using the IP address from step 2. For example: 10.10.5.200 DomainDnsZones.Example.com

5. Save the hosts file

6. Verify you can ping DomainDnsZones.Example.com

If step 6 is successful, retry the import from the AD source.
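
The checks in Method 2 can be run together from PowerShell on the Enforce server. The script below is an added example, not part of the original article or the product; it assumes the placeholder domain Example.com and only reads the hosts file, reporting whether the name resolves, which hosts entries exist for it, and whether TCP port 389 (the port in the error message) answers.

```powershell
# Added example: read-only verification of the name the Enforce server must resolve.
# Assumption: 'Example.com' is the article's placeholder; pass your AD domain with -Domain.
param([string]$Domain = 'Example.com')

$target    = "DomainDnsZones.$Domain"
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

# Steps 1-2: %logonserver% is stored as \\NAME; strip the backslashes and resolve it (IPv4 only).
$logonServer = $env:LOGONSERVER -replace '^\\\\', ''
$logonIPs = @()
if ($logonServer) {
    try {
        $logonIPs = @([System.Net.Dns]::GetHostAddresses($logonServer) |
            Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
            ForEach-Object { $_.IPAddressToString })
    } catch { Write-Warning "Cannot resolve logon server '$logonServer': $($_.Exception.Message)" }
}

# Steps 3-4: IPs already mapped to the target in the hosts file (comments stripped).
$hostsIPs = @(Get-Content -Path $hostsPath |
    ForEach-Object { ($_ -replace '#.*$', '').Trim() } |
    Where-Object { $_ } |
    ForEach-Object {
        $fields = $_ -split '\s+'
        if ($fields.Count -ge 2 -and $fields[1..($fields.Count - 1)] -contains $target) { $fields[0] }
    })

# Step 6: what the system resolver (hosts file, then DNS) returns for the target.
$resolved = @()
try {
    $resolved = @([System.Net.Dns]::GetHostAddresses($target) | ForEach-Object { $_.IPAddressToString })
} catch { Write-Warning "$target does not resolve: $($_.Exception.Message)" }

# LDAP reachability on port 389, tested only when the name resolves.
$ldapOk = $false
if ($resolved.Count -gt 0) {
    $ldapOk = (Test-NetConnection -ComputerName $target -Port 389 -WarningAction SilentlyContinue).TcpTestSucceeded
}

[pscustomobject]@{
    Target                = $target
    LogonServer           = $logonServer
    LogonServerIPs        = $logonIPs -join ', '
    HostsFileIPs          = $hostsIPs -join ', '
    ResolvedIPs           = $resolved -join ', '
    Ldap389Reachable      = $ldapOk
    HostsIpNotLogonServer = [bool]($hostsIPs | Where-Object { $_ -notin $logonIPs })
}
```

A hosts entry is static, so rerun the check after domain controller changes: HostsIpNotLogonServer set to True means the pinned address no longer matches the current logon server and the entry should be reviewed.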