Unable to add or sync domain

Problem

You are trying to add or sync domains in Mobile Device Manager Plus. You have selected the network type as Active Directory and specified all the required information. However, you are unable to add or sync the domains.

Cause

The reasons for this error could be one of the following:

On-Premises AD

Entra ID (formerly Azure AD)

G Suite

Okta

Resolution

On-Premises AD

You are required to identify the cause for this problem and follow the relevant solution from the list given below:

Incorrect name of the domain

Correct spelling errors, if any, in the domain name, domain controller name and the AD domain name that you have specified.

Incorrect administrator credentials

Ensure that the credentials that you have specified have administrative rights in all client systems.

Invalid user
  • Ensure that the domain user name you have specified has administrator privileges for the specified OU and domain.
  • Check the password which you have specified, for errors related to case and spelling. 
Inaccessible domain controller
  • Ensure that the specified domain controller is accessible. The reasons why the domain controller could be inaccessible are as follows:
    • Network failure (contact your IT administrator)
    • Computer in which the domain controller has been set could be switched off
    • Active Directory is not running in the domain controller
  • Check if the Active-Directory domain that you have specified is correct. To check this information, follow the steps given below:
    • Click Start->Run.
    • Enter cmd.
    • Enter set u.
    • Press Enter.

    You will see the following information:

    • USERDNSDOMAIN= Domain name of the Active Directory
    • USERDOMAIN= Domain name
    • USERNAME= User name
    • USERPROFILE= Profile of the user
  • Check if the domain controller name that you have specified is correct. To check this information, follow the steps given below:
    • Click Start->Run.
    • Enter cmd.
    • Enter SET LOGONSERVER.
    • Press Enter.

    Note: Ensure that you check for the right domain-controller name in the computer that belongs to that domain.

    You will see the term LOGONSERVER on the screen. This is the name of the domain controller.

NOTE: If the server is in a DMZ, ensure it is accessible to the managed devices.
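The on-premises checks above can be run in one pass. This is an added example, not part of the original article or of Mobile Device Manager Plus: run it in a domain user's session on a computer that belongs to the domain. Probing ports 389 and 636 (the standard LDAP and LDAPS ports) and looking up the `_ldap._tcp.dc._msdcs` DNS record are assumptions about how to confirm that Active Directory is answering.

```powershell
# Added example: read the same values that "set u" and "SET LOGONSERVER" display,
# then check that the domain controller answers on the network.
$domain      = $env:USERDNSDOMAIN    # Domain name of the Active Directory
$logonServer = $env:LOGONSERVER      # Shown as \\<domain controller name>

if (-not $domain -or -not $logonServer) {
    Write-Warning 'USERDNSDOMAIN or LOGONSERVER is empty: this session is not a domain logon.'
    return
}

$dcName = $logonServer.TrimStart('\')
if ($dcName -ieq $env:COMPUTERNAME) {
    # Local-account or cached logons report the local computer as LOGONSERVER.
    Write-Warning "LOGONSERVER is this computer ($dcName); log on with a domain account and retry."
}

# Domain controllers that the domain advertises in DNS (standard DC locator record).
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction SilentlyContinue |
    Where-Object { $_.QueryType -eq 'SRV' }
if (-not $srv) {
    Write-Warning "No domain controller records found in DNS for '$domain'. Check the AD domain name."
}

# Test the logon server plus every advertised controller.
$targets = @(@($dcName) + @($srv.NameTarget) | Where-Object { $_ } | Sort-Object -Unique)

$results = foreach ($target in $targets) {
    foreach ($port in 389, 636) {    # LDAP and LDAPS (assumed ports for this check)
        $probe = Test-NetConnection -ComputerName $target -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            Target    = $target
            Port      = $port
            Reachable = $probe.TcpTestSucceeded
        }
    }
}

"AD domain name        : $domain"
"Domain controller name: $dcName"
$results | Format-Table -AutoSize
```

If every row shows `Reachable` as False, the cause is one of the three listed under "Inaccessible domain controller"; if only the name you entered in the console is missing from the output, correct the name instead.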

Entra ID (formerly Azure AD)

MDM requires administrator authorization to be granted access to this Entra ID
  • Verify whether the user name and password are correct.
  • The user needs to grant access to MDM for viewing the AD. If you're using Azure on a free subscription account, Entra ID cannot be added, even if granted access as explained here.
If the OAuth token is expired

A deactivated OAuth token will prevent the syncing of the Entra ID domain. Reactivate the OAuth token and try syncing again.

G Suite

If access to ManageEngine MDM is removed from the G Suite account
  • On the MDM console, select Chromebook Enrollment under the Enrollment tab.
  • Here, remove the configured G Suite and reconfigure it. During this process, the managed Chrome devices get unenrolled and re-enrolled. All the policies will get re-associated on device enrollment, resulting in no data loss.

Okta

If the Okta token has expired or has been revoked from Okta
  • For this particular Okta domain, click the action button and select Modify.
  • Now, create another token in your Okta organization and specify the new Token Value.