Possible Cause #1
LDAP filters that target an OU are limited to 1000 users. If the LDAP filter reaches 1000 users, new users will not be able to authenticate.
Possible Cause #2
If Server replication is disabled, no new LDAP information will be passed to the SMA.
Solution #1
Change the LDAP Filter from targeting an OU to Targeting a Security Group. There is no limitation to how many users can be authenticated by a Security Group.
For more information regarding this solution, please reference this article:How to setup LDAP Authentication
Solution #2
*USE AT YOUR OWN RISK*
1) To verify that replication is disabled on the Domain Controller, attempt to replicate it with another domain controller by following these steps: TechNet - Force Replication Between Domain Controllers
2) Run: repadmin /options on the Domain Controller that the K1000 is connecting to.
3) If the result shows "DISABLE_OUTBOUND_REPL", run the following from an administrative command prompt on that Domain Controller, replacing <DC NAME> with your domain’s Fully Qualified Domain Name (FQDN):
repadmin /options <DC NAME> +DISABLE_OUTBOUND_REPL
repadmin /options <DC NAME> -DISABLE_OUTBOUND_REPL
repadmin /options <DC NAME> +DISABLE_INBOUND_REPL
repadmin /options <DC NAME> -DISABLE_INBOUND_REPL
3) Run repadmin /options again to verify that it is no longer showing "DISABLE_OUTBOUND_REPL".
4) Verify that the LDAP Filter is properly seeing the targeted user accounts.
For more information about LDAP Filters:
Quest KCS Article: How to setup LDAP Authentication (111795)
Source for this solution:
TechNet - The destination server is currently rejecting replication requests
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback 利用規約 プライバシー Cookie Preference Center