This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice This article is not considered official documentation for K2 software and is provided "as is" with no warranties.

Issue

The following error is raised each time the Identity Sync Service tries to sync against an Active Directory Provider:

Error - The server is not operational.

at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at SourceCode.Sync.Providers.AD.K2ActiveDirectorySearch.<FindAll>d__10.MoveNext()
at SourceCode.Sync.Providers.AD.Provider.<SyncAsync>d__22.MoveNext()
--- End of stack trace from previous location where exception was thrown ---

Symptoms

The error can be viewed in the HostServer Log and in the [SyncEngine].[RunHistory] table.

Troubleshooting Steps

This can be caused by the LDAP Paths being configured to run with Global Catalog (GC://) when Global Catalog has been switched off in the Active Directory Domain Server.

If Global Catalog has been enabled in Active Directory Domain Server, the connection string can be configured either to use LDAP or Global Catalog. However, if this is not enabled you can only use LDAP.

More information can be found here: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/ad-forest-recovery-remove-gc

To change from Global Catalog to LDAP in K2, please follow the following steps:

  1. Open K2 Management and expand Users
  2. Expand the K2 node and click on Domains
  3. Select the Net Bios Name and click Edit
  4. Update the path in the LDAP Path text box and select OK.