App Control: Active Directory Integration Failing Due to Invalid AdRules Xml
search cancel

App Control: Active Directory Integration Failing Due to Invalid AdRules Xml

book

Article ID: 286681

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • When trying to log into the Console using an AD user, the following error message occurs:
    The user name or password you entered is incorrect. Enter a valid user and password, then try again.
  • The AD Logs captured in "\Program Files (x86)\Bit9\Parity Server\AppControlAD.log"¬†shows:
    ERROR ADHelper.ADMapping.GetRuleSetsFromXML - AdRules.xml is invalid
    ERROR ADHelper.ADMapping.ValidateXML - AdRules.xml is not Valid. 
    Error message = The 'version' attribute is not declared.
    The 'defaultResultName' attribute is not declared.
    The required attribute 'defaultResult' is missing.
    The required attribute 'stopEvaluation' is missing.

Environment

  • App Control Server: 8.9.0 - 8.9.2

Cause

The legacy AD rules file (adrules.xml) is incompatible with the App Control version 8.9.0 and higher

Resolution

This can be resolved in one of 2-ways:
  • Re-map the user roles following the steps in this KB
  • Upgrade the App Control Server version 8.9.4 or higher.