Advent of Code is back! Unwrap daily challenges to sharpen your Alteryx skills and earn badges along the way! Learn more now.

Alteryx Server Discussions

Find answers, ask questions, and share expertise about Alteryx Server.

Alteryx Server AD(Active Directory) connectivity issue

Ariharan
11 - Bolide

Hi All,

 

We are using integrated window authentication and we have multiple domains in Active Directory, i.e., Domain 1, Domain 2, Domain 3, etc. There are more than 10+ different AD servers assigned to each domain, and the loads are transferred accordingly.
While communicating with AD, we are experiencing intermittent connectivity issues. Below are the errors which we faced on the Admin and Gallery Page. (Note This behavior varies from time to time, sometimes it works without error, sometimes it doesn't)

Ariharan_0-1664131375882.pngAriharan_1-1664131404986.png


1. How Alteryx is looking for a domain controller?

2. When the Alteryx server is communicating with AD, how can we identify which AD domain server is contacting out of 10?

3. Is there any log that can help troubleshoot the issue? In that case, please let us know which log we need to look at and where we can find it on the server.?
4. What is the command used to validate the connectivity between Alteryx servers to AD.?
5. What port we are using to connect the domain controller?
6. What ports and protocols should be whitelisted from the firewall.? eg., LDAP 389, Kerberos 88
7. What attribute the service is passing in the LDAP query while asking for user details (Structure of LDAP query)?

 

 

Error Messages (Admin Page)

 

2022-09-20 16:37:15.882373,ERROR,26,ScheduleOperations,ValidateAndDisableAllSchedules,,,,<Server Name>,,,,,,Unknown exception occurred.,"System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.->   at System.DirectoryServices.Protocols.LdapConnection.Connect()->   at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)->   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)->   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)->   --- End of inner exception stack trace ---->   at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)->   at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()->   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)->   at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name)->   at Alteryx.Server.Common.Utility.ActiveDirectory.GetForestGroupsSids(Int32 adCacheTimeout, String sid)->   at Alteryx.Server.Api.WindowsIdentityContextWrapper.GetAuthorizedGroupSids(String sid)->   at Alteryx.Server.Models.Presenters.WindowsAuthenticationCollectionPresenter.GetAccessibleCollections(User user, DateTime expiry)->   at Alteryx.Server.Models.Operations.ScheduleOperations.<>c__DisplayClass18_0.<ValidateSchedules>b__9(User u)->   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()->   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)->   at Alteryx.Server.Models.Operations.ScheduleOperations.ValidateSchedules(List`1 schedules, Dictionary`2 scheduledAppsOverride)->   at Alteryx.Server.Models.Operations.ScheduleOperations.ValidateAndDisableAllSchedules()" 

 

Error Message (Gallery User page)

 

2022-09-20 15:01:47.101009,ERROR,26,ScheduleOperations,ValidateAndDisableAllSchedules,,,,<Server Name>,,,,,,Unknown exception occurred.,"System.DirectoryServices.DirectoryServicesCOMException (0x8007203B): A local error has occurred.->->   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)->   at System.DirectoryServices.DirectoryEntry.Bind()->   at System.DirectoryServices.DirectoryEntry.get_AdsObject()->   at System.DirectoryServices.PropertyValueCollection.PopulateList()->   at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)->   at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)->   at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()->   at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()->   at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()->   at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()->   at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)->   at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, IdentityType identityType, String identityValue)->   at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, IdentityType identityType, String identityValue)->   at Alteryx.Server.Common.Utility.ActiveDirectory.GetForestGroupsSids(Int32 adCacheTimeout, String sid)->   at Alteryx.Server.Api.WindowsIdentityContextWrapper.GetAuthorizedGroupSids(String sid)->   at Alteryx.Server.Models.Presenters.WindowsAuthenticationCollectionPresenter.GetAccessibleCollections(User user, DateTime expiry)->   at Alteryx.Server.Models.Operations.ScheduleOperations.<>c__DisplayClass18_0.<ValidateSchedules>b__9(User u)->   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()->   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)->   at Alteryx.Server.Models.Operations.ScheduleOperations.ValidateSchedules(List`1 schedules, Dictionary`2 scheduledAppsOverride)->   at Alteryx.Server.Models.Operations.ScheduleOperations.ValidateAndDisableAllSchedules()" 

 

Regards, 

Ariharan.R

4 REPLIES 4
dsujkows
6 - Meteoroid

Hi Ariharan,

 

Did you get to resolution on this issue?  We are seeing a similar issue.

 

--Dave

 

PanPP
Alteryx Alumni (Retired)

Hi @dsujkows 

 

I would recommend the user accounts have a first and last name in Windows AD. 

 

I would recommend reaching out to support@alteryx.com to further troubleshoot this issue. 

Ariharan
11 - Bolide

Hi @dsujkows 

 

Yeah we eventually managed to resolve this issue after transitioning from a multi-forest to a single-forest setup.


Could you please provide more detail on your architecture so we can determine if this issue is similar or not?


We observed the same error message in one other working environment, if the AD is not reachable from the server. It could be that the firewall or the AD is shut down.

 

Regards,

Ariharan R

Ariharan
11 - Bolide

Hi @PanPP , 

 

The issue related to Alteryx server architecure configuration. Alteryx is not supported yet mutiforest environment. 

 

https://community.alteryx.com/t5/Alteryx-Server-Ideas/Multi-Forest-as-well-as-Multi-Domain-support-f...

 

Regards, 

Ariharan R