edirectory authentication failed. Possible causes: trees are not in sync or network latency issue on 2023.4 new server installed

Try to Join Server to a tree and get the error authentication issue.  Try 3 different server without success. Also do ndsrepair before having the server added.  My master replica is on a oes2 server which house the CA.  Please help.  Deeply apreciated

  • Verified Answer

    +1  

    What is the expiry of the CA?  And how was it signed?   If it was SHA1 there could just be cypher level issues, as an increasing number of tools run away from certs with such a CA.

    Which ndsrepair commands checked on the existing servers in the tree?  The standard set that should show zero errors is

    ndsrepair -T
    ndsrepair -E
    ndsrepair -C -A -Ad

    ________________________

    Andy of KonecnyConsulting.ca in Toronto
    Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.

  • 0 in reply to   

    The CA is expiring July 14 2024.  I was plan to move it a oes 2018 server. Is it possible to delete it.  I know that it sign RSA with SHA256. As for ndsrepair -T it come back 0 with all of the replica server.  When I run ndsrepair -E there is zero error.  I could only ndsrepair -C -Ad.  I cannot run -C -A -Ad.  There was zero error.