Cannot Sync Active Directory Users


Post by andy_lee » Sep 06 04 2:35 pm

I'm using WinGate 5.2.3 and running MS Windows 2003 Server.

When I edit the registry to point to my PDC, WinGate only syncs some user accounts (14/160) but not ALL. However, it did sync every security group account.

I had also configured WinGate to point to my internal server. I did not have this problem previously, until I did a reinstallation on another workstation to load-balance.

What could be the problem??? Pls advise. Thank you
andy_lee
 
Posts: 3
Joined: Sep 06 04 2:21 pm

Post by Pascal » Sep 06 04 4:00 pm

http://support.qbik.com/index.php?_a=kn ... ails&_i=91

As what is your WinGate Service logging in? If you browse through the knowledgebase, you'll find a few articles referring to Active Directory and Domain Controllers that might be of help.
Pascal

Qbik New Zealand
pascalv@qbik.com
http://www.qbik.com
Pascal
Qbik Staff
 
Posts: 2623
Joined: Sep 08 03 8:19 pm
Location: Auckland, New Zealand

Post by andy_lee » Sep 06 04 4:11 pm

Hi Pascal,

I am using an administrator service account.

I had actually done what the knowledge base suggested but still the user account problem remains.

I also discovered that in the registry, the users database contains all my AD users. However in the WinGate GateKeeper, the users reflected are still incorrect??

I had tried uninstalling and reinstalling several times, but in vain.

Post by Pascal » Sep 06 04 4:24 pm

Were you using a different OS before? (As it worked before the re-installation on a different workstation, trying to nut out what is different between the two) Are there any differences in the user account / WinGate version / etc. since when it worked and when it stopped working?

If the differences are not readily apparent, I do know that version 6.0 has better support - you could consider upgrading. Version 6.x can use your existing 5.x key, you get all the benefits of the bug fixes, but not necessarily all the version 6.x features. (Depending on when you purchased your 5.x key) It is also available on a trial license, so you can see if it does what you want it to do before upgrading ...

Before upgrading though, check which features are available on which key types (http://www.wingate.com/wingate-licensing.php)

From the release notes:
8. A number of enhancements to WinGate's user database integration with the OS NT database. These include:
    Greatly improved enumeration of large (12,000 plus) user databases on remote AD servers or domain controllers.
    Improved control over when to synchronise with the OS user database.
    GUI for specifying remote AD server or domain controller for synchronisation
    Support for plaintext authentication to a remote user database.

Post by Pascal » Sep 06 04 5:53 pm

I've checked with our Active Directory specialist. Easiest option will be to paste his email below:

WinGate engine needs to be logged in with an account that has Domain Administrator privileges (not just local machine administrator privileges)

To clarify this he could create a user who belongs to the Domain Administrators group in the Active Directory users and groups mmc.

There might be cause for confusion if he is still running a Primary Domain Controller and so is still trying to synch the old way.

It would be interesting to know if this was the case although I'm pretty sure I never had any issues with this running in either Native (purely AD Domain controllers) or mixed mode (with emulation for existing PDCs, NT/AD environment).

What he is describing is exactly the symptoms of the WinGate Engine service not logged in as this privilege account.

Post by andy_lee » Sep 06 04 8:52 pm

I had tried downloading WinGate's latest version 6.0.1 build 995 trial version.

After installing, I had edited the registry to point to the PDC AD.
After which I used a domain admin account to login to WinGate.

Same problem pops up. Only a 'selected' few users are being imported and the whole security group. However this time round, looking at the registry key under user database, I do not see all my created AD users unlike using ver 5.2.3.

Post by Pascal » Sep 07 04 10:53 am

You shouldn't need to edit the registry - the User Database Screen allows you to browse to your PDC.

Now, the important distinction - it's not that you need a domain account to login to WinGate (Using GateKeeper).

The WinGate Service must be configured to login to the operating system using an account that has domain admin rights. That is what you configure by editing the service properties.

Can you confirm that that is indeed the case?

