PROBLEM
During an new Installation or changing an existing installation to use Windows Authentication for AD sync, an error occurs after entering the Windows Domain Account and selecting Windows Authentication and clicking next.
SYMPTOMS
The following error is shown in the ConfigWizard.log located in [InstallDir]\Logs\.
Warning 2015-Aug-17 11:09:20.918 prairieFyre.Security.NTAccountManager Error occurred validating credentials for FSB\micc_sync:
--- Start Exception Stack ---
System.Runtime.InteropServices.COMException (0x8007200A): The specified directory service attribute or value does not exist.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_SchemaEntry()
at System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de)
at System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options)
at System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry)
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()
at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, IdentityType identityType, String identityValue)
at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, IdentityType identityType, String identityValue)
at prairieFyre.Security.NTAccountManager.ActOnUserPrincipal(QualifiedName qualifiedName, Func`3 action)
at prairieFyre.Security.NTAccountManager.AreCredentialsValid(String userName, String password)
--- End Exception Stack ---
Warning 2015-Aug-17 11:09:20.918 Invalid username or password. Please correct the credentials and try again.
This account must be a minimum of a local administrator account on this machine and the password should be set to never expire.
Credentials must be provided in the format of MACHINE\Username or DOMAIN\Username if using a domain account.
Verbose 2015-Aug-17 11:09:35.032 Validating credentials took : 00:00:00.0123683
RESOLUTION
In order to resolve this error you will need to assign read rights to both CN=Users and CN=Computers default AD containers for the account specified in your configuration.
APPLIES TO
MiCC 7.1 and Newer
Keywords: Windows Authentication Active Directory System.Runtime.InteropServices.COMException 0x8007200A