How can we improve the management tools and experience in Windows Server?

← Management Tools

[Bug] LDAP Connectivity Fails when AD and Gateway have different DNs

WAC/Gateway Server: 1910.2

Description
Gateway server is located in a site of a corporate domain. When adding security groups AD or local it fails saying that the group was not found in the sub site. Example below

Request:
Allow modification of the LDAP settings or use the FQDN of the domain rather than accepting the domain name of the gateway server.

Note: Please don't ask why it is configured that way or if I can change this. This configuration was in place long before my time and will not be modified.

Example:
AD Domain: na.corp.com
AD NETBIOS Domain: (CORP)
Gateway FQDN: wac.site.corp.com
- Gateway is part of CORP (na.corp.com) domain

Adding a group located in AD (CORP)
Group Name: WACSiteDBAs
- Added as CORP\WACSiteDBAs
- Added as na.corp.com\WACSiteDBAs

Adding a group located on the gateway (wac.site.corp.com)
Group Name: SiteDBAs
- Added as WAC\SiteDBAs
- Added as BUILTIN\SiteDBAs
- Added as SiteDBAs

Error:
Group <GroupName or Domain\GroupName> does not exist in domain site.corp.com or on the gateway machine. Individual users cannot be added to this list.
- This error is the same for each attempt

From Event Log:
Microsoft-ServerManagementExperience


  • <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  • <System>
    <Provider Name="SMEGateway" />
    <EventID Qualifiers="0">0</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2020-04-02T17:06:11.258666700Z" />
    <EventRecordID>155665</EventRecordID>
    <Channel>Microsoft-ServerManagementExperience</Channel>
    <Computer>wac.site.corp.com</Computer>
    <Security />
    </System>

  • <EventData>
    <Data>The server could not be contacted.</Data>
    </EventData>
    </Event>

3 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Jon shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

Management Tools: Windows Admin Center

Categories

Feedback and Knowledge Base

(thinking…)