This can occur if the service account in Identity and Authentication from Active Directory is locked, or has the incorrect password.
1. Validate that the DNS server in Settings | Networking | DNS Servers can resolve the required AD SRV records
2. Ensure that the Safeguard node can communicate to Active Directory DCs and GCs over TCP/389 and TCP/3268
3. From Settings | Identity and Authentication | Double click the domain entry and validate from a "Test Connection" it is successful.
If there is a failure ensure the following for the Service Account:
- Ensure the password set on the Service Account in Safeguard matches that of AD
- Ensure "User must change password at next logon" is unticked in the users Account properties in AD
- Ensure the account in AD is not locked or disabled
- Ensure there no "Logon Hours" restrictions in the users Account properties in AD
- Ensure "Log On To" in the users Account properties in AD is set to "All Computers"