Qbik Helpsys

Prev (Reset User Database Provider) Next (Increase maximum number of Network filters) Up (HOW TO)
Skip to user comments Add a comment

Force Active Directory Connector to use specified domain settings

Problem:

After selecting the Active Directory connector it cannot connect to the domain, and you get log errors like

* Failed to obtain domain information

WinGate 8.0: You may wish to force the Active Directory connector to use a specific AD server.

 

Resolution:

There are a number of reasons which may cause the Active Directory connector to fail to connect to your domain.

The AD Connector uses the Windows API called DsGetDcName.  This can fail for a number of reasons, usually related to DNS configuration either in the WinGate computer, or the AD DNS server, 

DNS Configuration

  • Ensure that:

1. The DNS settings in the network adapter on the WinGate computer are set to the AD DNS server for primary

  • 2. On the AD server, the DNS settings in the network adapters should be set to 127.0.0.1
  • 3. On the AD Server, in the DNS server configuration under forwarders, there should be forwarders specified, either your ISP DNS server, or WinGate's IP.

If this does not work, you can use the registry to override the use of the function DsGetDcName by providing the information it is used to collect.

Force settings

  • Note that this will require editing the registry, make sure that you have a current backup of your registry settings before making any changes to the registry.

1. Stop WinGate engine
2. in Regedit go to

  • windows 32 bit: HKEY_LOCAL_MACHINE\Software\Qbik Software\WinGate\Users\ADProvider\Settings
  • windows 64 bit: HKEY_LOCAL_MACHINE\Software\WOW6432Node\Qbik Software\WinGate\Users\ADProvider\Settings

if these keys do not exist (e.g. possibly only WinGate\Users) you will need to create the subkeys, e.g. ADProvider, then Settings.

You will need to create 4 values.  They are:

a) ForceDomain REG_DWORD, set value to 1

b) DomainOverride REG_SZ, set value to the domain suffix of your AD, e.g. qbik.local

c) ForceDomainGUID REG_DWORD, set value to 1

d) DomainGUIDOverride REG_SZ set value to the GUID of your domain object in your Active Directory (including curly braces)

WinGate 8.0:

e) ForceLDAPConnectString REG_DWORD, set value to 1

f) LDAPConnectStringOverride REG_SZ, set value to desired LDAP connect string, e.g GC://192.168.0.1, or LDAP://192.168.0.2 where the IP addresses are the IPs of the specific AD LDAP or Global Catalog server you wish WinGate to use.

3. Restart WinGate 

Obtaining the Domain Object GUID

To obtain your domain object GUID, you can use an LDAP browser to connect to your Active Directory.  In there you should see a node that starts with DC= with your domain name.  This is the domain object.  Inside this object there should be an attribute called ObjectGUID.  This is the domain object GUID that you need to use.


 

 

applies to: WinGate 7

keywords: WG7 7 database provider reset 

Community content

  1. no comments yet...

Download helpfile

You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query:

  • event management (no quotes) will find all pages containing the words "event" OR "management"
  • "event management" (with quotes) will find all pages containing the phrase "event management"
  • +event -management will find all pages containing the word "event", AND NOT the word "management"