Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

AD Connector and DC Locator

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 23 2020 at 16:15 UTC

Hi,


I would like to know if an example of a working DC Locator script would be available to enable high-availability on Active Directory (AD) connector.

In fact I have tried below script (really simple)

Script=(get-addomaincontroller -DomainName 'myDomain.testdomain.local' -Discover).hostname

The return from the webservice is in the below format :

[{"Objectreturned":"availableDC.myDomain.testdomain.local","Length":"24"}]

... and even if the retrieved domain controller is valid, the connection test performed on the AD connector still fails.


Thanks for advising.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
5 REPLIES 5

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 24 2020 at 04:19 UTC

Hi Adrien,


Greetings!!


Did you try below config in DC locator:

Script=Get-ADDomainController



Please try the above and let me know your views.


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 24 2020 at 06:32 UTC

Hi Anand

Yes, this is the command that I am executing above.

As Active Directory connector except a string like "ldaps://domainController.myDomain.testdomain.local:636/ as URL to connect, I also tried to format the available domain controller with the script below :

Script=\$domainName = \'myDomain.testdomain.local\';\$DC = Get-ADDomainController -DomainName \$domainName -Discover;return \'ldaps://{0}:636/\' -f \$DC.Hostname[0];

It still returns the same kind of Map, but the AD connection is still in failure:

[{"Objectreturned":"ldaps://availableDC.myDomain.testdomain.local:636/","Length":"24"}]

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 24 2020 at 09:10 UTC

Hi Adrien,


Greetings!!

Could you please confirm if you are getting multiple values in Hostname.Once you execute this script directly vi powershell on windows server.If the answer is yes,Did you try these sample examples like?


if return in hostname is a single value:


Script=(get-addomaincontroller -DomainName 'saviyntadmin.com' -Discover).HostName


or if return in hostname is a multi-value :


Script = (get-addomaincontroller -DomainName 'saviyntadmin.com' -Discover).HostName[0]


Where saviyntadmin.com is a example of primary domain server.



In case, issue persists. Please raise a Jira with proper logs and we could look in to that.


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 25 2020 at 07:23 UTC

Hi Anand,


I'm always retrieving one working domain controller.

Not sure if you read the script I've inserted above but your suggestions is exactly what I'm using.


Therefore, I'd need a sample code that is working in one of your environments if, on the AD connector, the mentioned domain controller is no longer valid.


Thanks,

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 25 2020 at 09:28 UTC

Hi Adrien,


Greetings!!


The above shared samples are working examples.

If it doesn't work for you. Please raise a Jira ticket with the information.


Thanks & Regards,

Anand Kumar Jha


This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.