Unable to add or sync domain
You are trying to add or sync domains in Mobile Device Manager Plus. You have selected the network type as Active Directory and specified all the required information. However you are unable to add or sync the domains.
The reasons for this error could be one of the following:
You are required to identify the cause for this problem and follow the relevant solution from the list given below:
Incorrect name of the domain
Correct spelling errors, if any, in the domain name, domain contoller name and the AD domain name that you have specified.
Incorrect administrator credentials
Ensure that the credentials that you have specified have administrative rights in all client systems.
- Ensure that the domain user name you have specified has administrator privileges for the specified OU and domain.
- Check the password which you have specified, for errors related to case and spelling.
Inaccessible domain controller
- Ensure that the specified domain controller is accessible. The reasons why the domain controller could be inaccessible are as follows:
- Network failure (contact your IT administrator)
- Computer in which the domain controller has been set could be switched off
- Active Directory is not running in the domain controller
- Check if the Active-Directory domain that you have specified is correct. To check this information, follow the steps given below:
- Click Start->Run.
- Enter cmd.
- Enter set u.
- Click Enter.
You will see the following information:
- USERDNSDOMAIN= Domain name of the Active Directory
- USERDOMAIN= Domain name
- USERNAME= User name
- USERPROFILE= Profile of the user
- Check if the domain controller name that you have specified is correct. To check this information, follow the steps given below:
- Click start->Run.
- Enter cmd.
- Enter SET LOGONSERVER.
- Press Enter.
Note: Ensure that you check for the right domain-controller name in the computer that belongs to that domain.
You will see the term LOGONSERVER on the screen. This is the name of the domain controller.
NOTE: If the server is in a DMZ, ensure it is accessible to the managed devices.
MDM requires Administrator authorization to grant to access this Azure AD
- Verify whether the user name and password is correct.
- The user needs to grant access to MDM for viewing the AD. If you're using Azure on a free subscription account, Azure AD cannot be added, even if granted access as explained here.
If the OAuth token is expired
A deactivated OAuth token will prevent the syncing of the Azure AD domain. Reactivate the OAuth token and try syncing again.
If access to ManageEngine MDM is removed from the G Suite account
- On the MDM console, select Chromebook Enrollment under the Enrollment tab.
- Here, remove the configured G Suite and reconfigure it. During this process, the managed Chrome devices get unenrolled and re-enrolled. All the policies will get re-associated on device enrollment, resulting in no data loss.
If the Okta Token expired, or it is revoked from Okta
- For this particular Okta domain, click the action button and select Modify.
- Now, create another Token in your Okta organization and specify the new Token Value. Learn more