Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 13 replies
  • Subscribers 5 subscribers
  • Views 33645 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Active Directory synching for SGN 5.50.8.13 error

JuJo

I setup a scheduled task to synchronize SGN with our Active Directory daily. It was working fine until a couple days ago and now I'm getting this error:

-CBIERR_BAD_KEY on _DeleteEntry()

Anyone know what that means and how to fix it?

If I manually run the synchronize through the Management Center - it shows "The import failed. Additional Information: The import failed." and lists -CBIERR_BAD_KEY on _DeleteEntry() in the synchronization information area.

:8473


This thread was automatically locked due to age.
Parents
  • 0

    Hi awest,

    as already mentioned the keytester is an internal tool!

    Please be so kind and contact the local support so that the issue can be properly analyzed and the root cause can be determined. In case that the problem cannot be solved directly they will also provide you with the keytester tool if required.

    @all: The recommendation for AD sync is still to import the whole directory as this is the best way to recognize changes in the AD (rename, move, delete). Doing a full sync will ensure that no actions happen outside the scope of the SGN AD import once they happen. If this is not done further changes might be done to the object which can hardly be determined when finally importing the object at a later point of time.

    Also please keep in mind that even though an object is not synchronized into the Management Center it will report back showing up under Autoregistered. At this section it is already possible to assign policies to ensure that all settings are applied to the client. As soon as the AD synced the object is automatically moved to the right place.

    Regards

    Dan

    :15171
Reply
  • 0

    Hi awest,

    as already mentioned the keytester is an internal tool!

    Please be so kind and contact the local support so that the issue can be properly analyzed and the root cause can be determined. In case that the problem cannot be solved directly they will also provide you with the keytester tool if required.

    @all: The recommendation for AD sync is still to import the whole directory as this is the best way to recognize changes in the AD (rename, move, delete). Doing a full sync will ensure that no actions happen outside the scope of the SGN AD import once they happen. If this is not done further changes might be done to the object which can hardly be determined when finally importing the object at a later point of time.

    Also please keep in mind that even though an object is not synchronized into the Management Center it will report back showing up under Autoregistered. At this section it is already possible to assign policies to ensure that all settings are applied to the client. As soon as the AD synced the object is automatically moved to the right place.

    Regards

    Dan

    :15171
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?