Can't connect to Active Directory authentication service
Published 28 March 2024
This error is displayed when you've configured Redgate Monitor to authenticate with Active Directory, but Redgate Monitor can't connect to Active Directory.
Is the Active Directory domain controller turned on?
Make sure the Active Directory domain controller is turned on.
Has the domain name changed?
Manually update the domain entry in the Redgate Monitor database.
- In Management Studio, connect to the SQL Server instance that hosts the Redgate Monitor database.
Open a new query window and paste in the following SQL script:
UPDATE settings.KeyValuePairs SET KeyValue ='domain.com/OU=dba,DC=domain,DC=com' WHERE KeyName='ActiveDirectory-ConnectionString';
Replace
domain.com
with the domain name you want to use.- If you want to use a base DN, replace
OU=dba,DC=domain,DC=com
with the base DN you want Redgate Monitor to use.
If you don't want to use a base DN, remove theOU=dba,DC=domain,DC=com
string.
The base DN is the root note in LDAP from which Redgate Monitor will search for users and groups. - Run the script on the Redgate Monitor database.
The domain entry is updated with the new domain name.
Has the Redgate Monitor service account changed?
Redgate Monitor uses the service account details to query Active Directory. The details are stored in the Windows credentials store on the machine where the monitoring service is installed. Redgate Monitor might not be able to use the service account if, for example:
- The credentials for the service account have changed.
You've moved the monitoring service to a different machine, and the new machine doesn’t have the service account credentials.
To fix this, change the Redgate Monitor authentication method to the default, then reconfigure your Active Directory settings. To do this:
- In Management Studio, connect to the SQL Server instance that hosts the Redgate Monitor database.
In the following SQL script, replace RedGateMonitor with the name of your Redgate Monitor database and run it on the server:
For versions until v11.1.7 (excluding v11.1.7):
USE [RedGateMonitor] GO DELETE FROM [settings].[KeyValuePairs] WHERE [KeyName] = 'ActiveDirectory-Enabled' OR [KeyName] = 'ActiveDirectory-ConnectionString'; GO
For versions after v11.1.7 (including v11.1.7):
USE [RedGateMonitor] GO DELETE FROM [settings].[KeyValuePairs] WHERE [KeyName] = 'AuthenticationType' OR [KeyName] = 'ActiveDirectory-ConnectionString'; GO
- Restart the monitoring service.
- In the Start menu, type services.msc and press Enter.
- In the Services dialog, right-click Redgate Monitor Base Monitor and select Restart:
- Restart the Redgate Monitor web application.
After you restart, Redgate Monitor reverts to authenticating users with their Redgate Monitor username and password. - Log in to Redgate Monitor using your Redgate Monitor username and password.
If you've forgotten your Redgate Monitor administrator username and password, see: Resetting your Redgate Monitor password. - Switch Redgate Monitor back to using Active Directory, selecting "Reset and use Active Directory". For complete instructions, see: Authenticating with Active Directory.
If nothing else works
Follow the fix instructions above under: Has the Redgate Monitor service account changed?