Review directory diagnostics and domain information

Troubleshoot directory issues by making sure the directory domain information is correct in EAA and reviewing your internal network firewall rules.

To learn more about directories in EAA, see Directories.
Note: This procedure does not support the Cloud Directory service.

How to

  1. Log in to the EAA Management Portal as an administrator.
  2. From the top menu bar select Identity > Directories.
  3. Make sure your directory configuration is up to date. Locate the directory card you want to test and click Sync. Wait two to five minutes for the EAA directory configuration to sync across the cloud.
  4. Click Directory diagnostics (stethoscope icon).
    EAA directory diagnostics page for an AD
  5. In the Diagnostics page, verify the following:
    1. Domain. This field contains the AD or LDAP domain location of your native directory. Make sure that the domain name listed is the one you expect to be associated with this directory. If it is not correct, continue with this procedure.
    2. Last synchronized. This field contains the date and time that the directory was last synchronized. If you completed step 3 in this procedure and this field does not have an updated date and time, contact your account representative for further support.
  6. Return to the directory card.
  7. Click Settings (gear icon).
    The directory settings page opens and the fields are editable.
  8. Review the domain fields for accuracy and make changes as needed. For more information about the domain fields see Add or edit a directory. Issues are commonly found with the information entered into these fields:
    1. Host. Based on your native directory setup make sure the correct service, either LDAP set to port 389 or LDAPS set to port 636, is selected.
    2. Admin account, admin password, and admin permissions for the directory. Make sure the correct admin account and admin password are captured in EAA. Access your native directory and make sure that the admin account entered in EAA has read-only permissions or higher.

    If you make any changes to the directory domain fields in the previous step, save the changes and sync the directory.

  9. Outside of EAA, review your internal firewall rules and make sure they allow the host information as it appears in EAA to communicate with the connector’s source IP. See step 8 for more information about how to resolve this information in EAA.
  10. Outside of EAA, review your internal access rules and make sure there is nothing blocking the data path between the EAA cloud service and the directory. This is often resolved by having an “allow” rule in place for the native directory source IP address on your network.

Next steps

If you need to continue troubleshooting, see Troubleshooting overview and tips.