I have an instance of Octopus hooking into AD, previously we have been able to search over the 3 domains we have setup, now it seems that when i try to add a new users its only returning values in the domain the Server is running.
nothing has changin as far i am aware on Octopus but i can’t confirm that in our AD. Would this be something that i would need to configure from AD or on Octopus.
when i search by name or domain address i get no reponses.
Hi @davyrob77,
Thank you for contacting Octopus Support.
If you haven’t come across this already, I recommend running through our AD troubleshooting guide:
Let me know if that helps turn anything up or if you have additional questions.
Regards,
Donny
Hi @donny.bell , i went through that site previously. I don’t think there will be an issue with how we have setup OD as that hasn’t changed in a long time.
we have for example 3 domains (A/B/C), Octopus Deploy and the account running are all based in Domain A
when i add a new user and search for thier details, it only brings back users from Domain A, even though previously i have added users from B/C. infact i am a user in a non-Domain A region and i can still log in fine.
would it be that the account running OD no longer has the ability to inspect on other domains or am i not searching correctly?
We ahve a task that runs to Synchronize external security groups and that validates the users in other domains, i just can’t add them!
Hi @davyrob77,
Thank you for getting back to me.
Octopus relies on LSASS.exe on the machine it is installed on for its communication with AD. On the troubleshooting page, there are scripts that you can run that mimic what Octopus does to help diagnose what is going on.
In case something changed with permissions, here is how we handle Domain trusts:
Here is a recent thread discussing a similar AD issue:
https://help.octopus.com/t/re-difficulty-configuring-domain-authentication/25600/35
Lastly, if you don’t mind uploading a raw task log of a “Synchronize external groups” task, I’d be happy to have a look to see if anything turns up there.
You may attach the log here or upload files via Octopus.com -> Sign-In -> Support Tab.
Let me know what you think.
Regards,
Donny
everything seems to be ok, the log file would suggest this when i search for a user using the DOMAIN\Username function
System.Runtime.InteropServices.COMException (0x80072022): The time limit for this request was exceeded.
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.