VDA Registration Error: "The Security Support Provider Interface (SSPI) negotiation failed."
Article ID: CTX237342
Updated On:
Description
Environment:
- 2 child domains
- 'a.parent.local' & 'b.parent.local', 'parent.local' being the root domain
- VDA resides in 'a.parent.local' and DDC is in 'a.parent.local'
VDA unable to register itself with DDC
Error:
On the VDA we get the event:
"The Security Support Provider Interface (SSPI) negotiation failed."
Resolution
Opened Port UDP 389 on firewall and then the VDA will be able to register itself successfully.
Example: 2 such packets seen in network monitor.
Problem Cause
VDA performs an LDAP query to the root domain and as the firewall blocks the packets, they cannot get through.Example: 2 such packets seen in network monitor.
| 223 | 8/2/2018 13:09 | 80.30.x.y | 10.10.x.y | LDAPMessage | LDAPMessage:Search Request, MessageID: 560 |
| 224 | 8/2/2018 13:09 | 80.30.x.y | 10.10.x.y | LDAPMessage | LDAPMessage:Search Request, MessageID: 561 |
Was this article helpful?
Yes
No
Powered by
