Can't connect to Active Directory authentication service
Published 07 October 2020
This error is displayed when you've configured SQL Monitor to authenticate with Active Directory, but SQL Monitor can't connect to Active Directory.
Is the Active Directory domain controller turned on?
Make sure the Active Directory domain controller is turned on.
Has the domain name changed?
Manually update the domain entry in the SQL Monitor database.
- In Management Studio, connect to the SQL Server instance that hosts the SQL Monitor database.
Open a new query window and paste in the following SQL script:
UPDATE settings.KeyValuePairs SET KeyValue ='domain.com/OU=dba,DC=domain,DC=com' WHERE KeyName='ActiveDirectory-ConnectionString';
Replace
domain.com
with the domain name you want to use.- If you want to use a base DN, replace
OU=dba,DC=domain,DC=com
with the base DN you want SQL Monitor to use.
If you don't want to use a base DN, remove theOU=dba,DC=domain,DC=com
string.
The base DN is the root note in LDAP from which SQL Monitor will search for users and groups. - Run the script on the SQL Monitor database.
The domain entry is updated with the new domain name.
Has the SQL Monitor service account changed?
SQL Monitor uses the service account details to query Active Directory. The details are stored in the Windows credentials store on the machine where the monitoring service is installed. SQL Monitor might not be able to use the service account if, for example:
- The credentials for the service account have changed.
You've moved the monitoring service to a different machine, and the new machine doesn’t have the service account credentials.
To fix this, change the SQL Monitor authentication method to the default, then reconfigure your Active Directory settings. To do this:
- In Management Studio, connect to the SQL Server instance that hosts the SQL Monitor database.
In the following SQL script, replace RedGateMonitor with the name of your SQL Monitor database and run it on the server:
For versions until v11.1.7 (excluding v11.1.7):
USE [RedGateMonitor] GO DELETE FROM [settings].[KeyValuePairs] WHERE [KeyName] = 'ActiveDirectory-Enabled' OR [KeyName] = 'ActiveDirectory-ConnectionString'; GO
For versions after v11.1.7 (including v11.1.7):
USE [RedGateMonitor] GO DELETE FROM [settings].[KeyValuePairs] WHERE [KeyName] = 'AuthenticationType' OR [KeyName] = 'ActiveDirectory-ConnectionString'; GO
- Restart the monitoring service.
- In the Start menu, type services.msc and press Enter.
- In the Services dialog, right-click SQL Monitor Base Monitor and select Restart:
- Restart the SQL Monitor web application.
After you restart, SQL Monitor reverts to authenticating users with their SQL Monitor username and password. - Log in to SQL Monitor using your SQL Monitor username and password.
If you've forgotten your SQL Monitor administrator username and password, see: Resetting your SQL Monitor password. - Switch SQL Monitor back to using Active Directory, selecting "Reset and use Active Directory". For complete instructions, see: Authenticating with Active Directory.
If nothing else works
Follow the fix instructions above under: Has the SQL Monitor service account changed?