ProxySG & Advanced Secure Gateway

Expand all | Collapse all

Windows domain fail to join in ASG after disjoined

  • 1.  Windows domain fail to join in ASG after disjoined

    Posted 8 days ago
      |   view attached
    Hi,

    Please, we are facing this error when joining the Domain in the proxy ASG  6.7.5.8 and it was joined fine at the start.
    I had to dis join it for some time, now when I tried to join it again it show me the attached error!
    Unfortunately, I could not see an event log for this issue.


    Appreciate you advise.

    Regards.


  • 2.  RE: Windows domain fail to join in ASG after disjoined

    Posted 8 days ago
    Hi ,

    This issue due to admin priviliage for the windows domain which you are trying to join. Windows domain should have admin read write access.

    Please refer the below article for more information.

    https://knowledge.broadcom.com/external/article/168334/

    Thanks,
    Raju


  • 3.  RE: Windows domain fail to join in ASG after disjoined

    Posted 6 days ago
    Hi @Proxy Admin TRG

    Thanks for your replay, yes it has an admin read and write access, but still we are having this issue. I already connected the (backup proxy) with the same user account and it joined perfect. but for this proxy it shows access denied!

    Regards

    ​​​


  • 4.  RE: Windows domain fail to join in ASG after disjoined

    Broadcom Employee
    Posted 5 days ago
    Hello ITA,

    1. Go to your Active Directory and delete the HOST or any entry that gets created when you join a computer to the domain that is referencing this particular proxy, start fresh from the AD perspective.
    2. If above don't work, try using another domain admin user to join this proxy to domain.
    3. If the above does not work, take a look at this article as it is possible that some one may have made some changes to the user you are using.

    If none of the above works, then you will need to engage your AD Admins and your AD Support team as at the end of the day , the root cause here is not going to be the proxy, but will be something on the AD side, i am sure if one of your AD Support team engineer had spent some time reviewing the AD Event Logs related to this proxy attempting to join, they would have found the root cause and fixed it by now :) , because the access denied message is coming from the AD , proxy is simply being a good sport and displaying it for your convenience to point out where the issue is coming from.

    I hope this helps.
    Slava