Unable to Add Domains in the Scope of Management (SoM)

Problem

 You are unable to add the domains in SoM of Endpoint Central in an active directory based setup and the error message displayed on the screen is, "Validation Failed". This problem occurs only if the network type selected is Active Directory. You will not face this problem in a workgroup based setup.

 

Cause

The reasons for this error could be one of the following:

  • Incorrect name of the domain, Active Directory domain or domain controller specified.
  • Incorrect administrator credentials (username and password) specified.
  • Invalid user- User does not have admin privileges in the specified domain or Organizational Unit (OU).
  • Inaccessible domain controller.

Resolution

Identifying the cause of the problem is the first step here. Follow the rest of the steps given below to resolve this issue. 

Incorrect name of the domain

Correct spelling errors, if any, in the domain name, domain controller name and the AD domain name which has been specified.

Incorrect administrator credentials

Ensure that the credentials that you have specified have administrative rights in all client systems.

Invalid user

  • Ensure that the domain user name you have specified has administrator privileges for the specified OU and domain.
  • Check the password, which you have specified, for errors related to case and spelling. If there are no spelling errors, make the appropriate the changes in the Add Domain dialog box in the SoM.

Inaccessible domain controller

Note: If you have migrated your domain controller, ensure that you have updated the domain settings under SOM.

    • Ensure that the specified domain controller is accessible (you could have specified either the domain controller's machine name or IP address). The reasons why the domain controller could be inaccessible are as follows:
      • Network failure (contact your IT administrator)
      • Computer in which the domain controller has been set could be switched off
      • Active Directory is not running in the domain controller
    • Check if the Active-Directory domain that you have specified is correct. To check this information, follow the steps given below:

      Click Start -> Run -> cmd and type in set u and hit enter.

      You will see the following information:

      • USERDNSDOMAIN= Domain name of the Active Directory
      • USERDOMAIN= Domain name
      • USERNAME= User name
      • USERPROFILE= Profile of the user
    • Check if the domain controller name that you have specified is correct. To check this information, follow the steps given below:

      Click Start -> Run -> enter cmd -> type in SET LOGONSERVER and hit enter.

      Note: Ensure that you check for the right domain-controller name in the computer that belongs to that domain. You will see the term LOGONSERVER on the screen. This is the name of the domain controller.

Applies to: Endpoint Central Installation, Agent Installation failure, Add Domains in SoM

Keywords: Install Agents, Endpoint Central Agent Installation, Agent Installation, Add Domains in Scope of Management