Submit a ticketCall us

Bridging the ITSM Divide
Integrated help desk and remote support software for faster resolution

Join us on Wednesday, November 29, 2017 at 11 a.m. CT, as we discuss the benefits of effectively integrating your help desk software with remote support solutions to help increase the efficiency of IT administration, improve communication, and decrease mean time to resolution (MTTR) for IT issues of all sizes. This directly impacts end-user satisfaction and your business’ bottom line. Register Now.

Home > Success Center > Network Performance Monitor (NPM) > NPM 12 AD group search error: The object does not exist

NPM 12 AD group search error: The object does not exist

Updated July 29, 2016

Overview

This article addresses the issue where a user with correct AD credentials is unable to find accounts in the same domain and returns the following error:

The object does not exist.

 

The following also appears in the C:\program data\solarwinds\logs\orion\orionweb.log file:

 DEBUG SolarWinds.Orion.Web.LdapAuthentication - Creating Ldap connection to domain.com:636
DEBUG SolarWinds.Orion.Web.LdapAuthentication - Successfully bind to LDAP server domain.com:636
DEBUG SolarWinds.Orion.Web.LdapAuthentication - GetUserDN: Search Response item count: 1
DEBUG SolarWinds.Orion.Web.LdapAuthentication - User's (username) distinguished name is CN=Username,OU=IT Services,OU=Staff,DC=domain,DC=com.
DEBUG SolarWinds.Orion.Web.LdapAuthentication - User domain\account has been successfully authenticated to LDAP server network.uni:636

ERROR SolarWinds.Orion.Web.AccountSearchHelper - Error occurred performing search in AccountSearchHelper. Exception:
System.DirectoryServices.Protocols.DirectoryOperationException: The object does not exist.
   at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   at SolarWinds.Orion.Web.LdapAuthentication.GetNetbiosDomainName()
   at SolarWinds.Orion.Web.AccountSearchHelper.SearchUsingAuthenticatedLDAP(String user, String password, String domain, String patternToSearch, String sortDirection, Boolean isGroupSearch)
   at SolarWinds.Orion.Web.AccountSearchHelper.SearchFor(String searchString, String domainLogin, String domainPassword, String accountType, String sortDirection)

ERROR AccountManagement - Could not find account details on the specified domain.  Details:
System.DirectoryServices.Protocols.DirectoryOperationException: The object does not exist.
   at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation,

ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   at SolarWinds.Orion.Web.LdapAuthentication.GetNetbiosDomainName()
   at SolarWinds.Orion.Web.AccountSearchHelper.SearchUsingAuthenticatedLDAP(String user, String password, String domain, String patternToSearch, String sortDirection, Boolean isGroupSearch)
   at SolarWinds.Orion.Web.AccountSearchHelper.SearchFor(String searchString, String domainLogin, String domainPassword, String accountType, String sortDirection)
   at AccountManagement.GetWindowsAccounts(String searchstring, String username, String password, String accounttype)

Environment

Products running on Orion Platform 2016.1 and later such as:

  • NPM 12.0 and later
  • SAM 6.2.4 and later
  • IPAM 4.3.2 and later
  • NCM 7.5 and later
  • VNQM 4.2.4 and later

Cause 

This usually occurs when LDAP authentication is enabled. By default, SolarWinds uses MSAPI to authenticate Active Directory users. If you switch to LDAP authentication, the search is unable to find the accounts using that method.

Resolution

Use the default MSAPI authentication.

Any user or group accounts you made using LDAP authentication must be recreated after disabling LDAP.

  1. Go to Settings > User Accounts > Advanced AD Settings.
  2. Change the method from LDAP back to default MSAPI.

Try searching again and verify that the error does not persist.

 

 

Last modified

Tags

Classifications

Public