Forest is added into dynamic blacklist and "is dead"


Question

Hello everyone,

I see an issue in my environment, where I have one forest with one child domain. The WEM Infrastructure server is in the child domain and has full access to the child domain controllers in terms of open ports (389, 445, 3286).

When the infrastructure service starts it logs the following:

9:56:17 Event -> ActiveDirectoryDynamicBlacklist.AddToDynamicBlacklist() : Add forest into dynamic blacklist, forest name is rppl.local, utc time is 11.04.2024 6:56:17
9:56:17 Warning -> ActiveDirectoryService.() : AD: Warning is: A local error has occurred.
 Forest rppl.local is dead currently, please remove it from environment.If you don't use this forest, you can also ignore this warning.

It also can't add a computer object from the child domain using the Web Console:

9:56:17 Event -> AgentBrokerService.() : Search for domain S-1-5-21-1657612985-771126180-1233803906, start time is 11.04.2024 9:56:17
9:56:17 Event -> AgentBrokerService.() : Search for domain S-1-5-21-1657612985-771126180-1233803906, finish time is 11.04.2024 9:56:17
9:56:17 Event -> AgentBrokerService.() : Search for machine CITRIX-AVSBR01$, start time is 11.04.2024 9:56:17
9:56:17 Event -> AgentBrokerService.() : Search for machine CITRIX-AVSBR01$, finish time is 11.04.2024 9:56:17
9:56:17 Exception -> AgentBrokerService.() : Error happened while retrieving site id. Exception: System.ArgumentNullException: Value cannot be null.
Parameter name: Failed to find computer in domain, fullname is AST\CITRIX-AVSBR01$, domain sid is S-1-5-21-1657612985-771126180-1233803906
   at Norskale.Broker.Agent.AgentBrokerService.()

I suppose that something might be wrong with my root domain rppl.local, or with communication between the child and root domain controllers, or probably between the infra server and the root domain/forest.

Why is my forest added to the blacklist and marked as dead?

Is anyone aware of the algorithm for that decision? Thank you in advance for any related information.

WEM 2311 on Windows 2019, DCs are 2022 (AD level is 2016).


1 answer to this question


I got the issue resolved.

WEM is using port 389 UDP to communicate over the CLDAP protocol with root domain DCs. Without 389 UDP open, the whole forest will be blacklisted as dead. 389 UDP was filtered in my environment. 389 TCP has not been filtered, therefore it seemed like everything worked but WEM.

Edited by Nikolay Ermakov
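
To check for the condition described in the answer (TCP 389 reachable, UDP 389 filtered), the following added example, which is not part of the original posts and not WEM code, sends a CLDAP "LDAP ping" of the kind the AD DC locator uses and compares the result with a plain TCP connect. The function names are hypothetical, and the exact query WEM itself sends is an assumption not documented on this page.

```python
import contextlib
import socket

def tlv(tag: int, value: bytes) -> bytes:
    """BER tag-length-value, switching to long-form length at 128 bytes."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value

def ldap_ping(dns_domain: str, msg_id: int = 1) -> bytes:
    """rootDSE searchRequest: (&(DnsDomain=<domain>)(NtVer=0x00000006)), attribute Netlogon."""
    def eq(attr: bytes, val: bytes) -> bytes:      # equalityMatch filter, context tag [3]
        return tlv(0xA3, tlv(0x04, attr) + tlv(0x04, val))
    flt = tlv(0xA0, eq(b"DnsDomain", dns_domain.encode()) + eq(b"NtVer", b"\x06\x00\x00\x00"))
    req = (tlv(0x04, b"")                           # baseObject "" = rootDSE
           + tlv(0x0A, b"\x00") * 2                 # scope=base, derefAliases=never
           + tlv(0x02, b"\x00") * 2 + tlv(0x01, b"\x00")  # sizeLimit, timeLimit, typesOnly
           + flt + tlv(0x30, tlv(0x04, b"Netlogon")))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x63, req))

def read_header(buf: bytes, pos: int):
    """Return (tag, value_start, value_length) of the TLV at pos."""
    tag, first = buf[pos], buf[pos + 1]
    k = first & 0x7F if first >= 0x80 else 0       # long form: k length octets follow
    length = int.from_bytes(buf[pos + 2:pos + 2 + k], "big") if k else first
    return tag, pos + 2 + k, length

def is_search_entry(reply: bytes) -> bool:
    """True if the datagram's first LDAPMessage is a searchResEntry (tag 0x64)."""
    try:
        tag, start, _ = read_header(reply, 0)
        _, id_start, id_len = read_header(reply, start)
        return tag == 0x30 and reply[id_start + id_len] == 0x64
    except IndexError:
        return False

def probe(dc: str, dns_domain: str, timeout: float = 3.0) -> dict:
    """Check one DC: does TCP 389 connect, and is a CLDAP ping on UDP 389 answered?"""
    result = {"tcp389": False, "udp389_cldap": False}
    with contextlib.suppress(OSError):
        socket.create_connection((dc, 389), timeout).close()
        result["tcp389"] = True
    with contextlib.suppress(OSError), socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(ldap_ping(dns_domain), (dc, 389))
        result["udp389_cldap"] = is_search_entry(s.recvfrom(4096)[0])
    return result
```

Run it from the WEM infrastructure server against each root-domain DC, for example `probe("<root-dc-hostname>", "rppl.local")` with the placeholder replaced by a real DC name. A result with `tcp389` true and `udp389_cldap` false matches the filtered-UDP situation the answer describes.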