-
Title
Disconnected from Active Directory (AD). /opt/quest/bin/vastool status reports: WARNING: 231 QAS daemon is operating in a disconnected state. -
Description
Disconnected from Active Directory (AD).
Authentication Services enters into disconnected mode.
Running /opt/quest/bin/vastool status command reports WARNING: 231 QAS daemon is operating in a disconnected state.
-
Cause
CAUSE 1: QAS cannot reach a domain controller due to an environmental issue such as network issue, dns server down, domain controller went down.
CAUSE 2: If the file /var/opt/quest/vas/vasd/.force_disconnected_mode exists on your system then it will cause vasd to go into disconnected mode
-
Resolution
RESOLUTION 1:
1 - Check to ensure the domain controllers are reachable.
a) /opt/quest/bin/vastool info cldap yourdomain.com
b)This command will check for a SRV record for your domain.
#nslookup
> set type=srv
> _ldap._tcp.dc._msdcs.yourdomain.comFor example: > _ldap._tcp.dc._msdcs.LG.TS.HAL.CA.QSFT
Server: 10.4.64.23
Address: 10.4.64.23#53Non-authoritative answer:
_ldap._tcp.dc._msdcs.LG.TS.HAL.CA.QSFT service = 0 100 389 dc-plg2.lg.ts.hal.ca.qsft.Authoritative answers can be found from:
dc-plg2.lg.ts.hal.ca.qsft internet address = 10.5.84.1142 - If domain controller are available, try restarting vasd to see if another server is picked up. Then re-run the vastool status command to check if it reports healthy.
3 - Note the information reported by this command : /opt/quest/bin/vastool info servers Rejoin the server to AD : /opt/quest/bin/vastool -u ADUSER join -f YOURDOMAIN.com
Do the vastool status and vastool info servers commands again and compare output. Sometimes there is a problem with what AD site the clients are contacting.
RESOLUTION 2:Remove the /var/opt/quest/vas/vasd/.force_disconnected_mode file and restart the vasd process
-
Change Request
319479 -
Additional Information
Command to help troubleshoot 4.0.3 version only /opt/quest/libexec/vas/get_domain_reachable -d -s -g52>&1 | tee /tmp/get-domain-debug.txt