When trying to open the Active Roles Synchronization Console, the following error is thrown.
The above error is expected if nothing is listening on port 15173, the port used by the Active Roles Sync Service.
Cause
A custom certificate, enforced by a Group Policy Object (GPO) to encrypt the traffic between the Synchronization Service server and Capture Agent, is missing from the certificate store. This can be validated by checking the verbose logging written when the service is restarted:
"2023-11-08 19:22:04.4203 10 Debug --> { ActiveRoles.SyncService.QcPasswordService.HostFactory.MakeDefaultAuthentication
2023-11-08 19:22:04.4203 10 Debug --> Use Custom Certificate ActiveRoles.SyncService.QcPasswordService.HostFactory.MakeDefaultAuthentication
2023-11-08 19:22:04.4516 10 Debug --> try to find Certificate (storeLocation = 'LocalMachine', storeName = 'My', findType = 'FindByThumbprint', findValue='B0A224B7A2CDB40CE67767E5DFBB5F65BA02D11C') ActiveRoles.SyncService.Common.SecurityUtils.CertificateManager.FindCertificate
2023-11-08 19:22:04.4672 10 Debug --> Certificate not found in the local machine. Searching in CurrentUser ActiveRoles.SyncService.Common.SecurityUtils.CertificateManager.FindCertificate
2023-11-08 19:22:04.4672 10 Debug --> No Certificate with specified parameters is found ActiveRoles.SyncService.Common.SecurityUtils.CertificateManager.FindCertificate
2023-11-08 19:22:04.4672 10 Debug --> } ActiveRoles.SyncService.QcPasswordService.HostFactory.MakeDefaultAuthentication
2023-11-08 19:22:04.4672 10 Info --> can't open host QcPasswordService ActiveRoles.SyncService.Server.ServiceHostManager+ServiceHostMode.Open
System.ApplicationException: Can't find Custom Certificate with specified parameters
   at ActiveRoles.SyncService.QcPasswordService.HostFactory.MakeDefaultAuthentication(ServiceHost host)
   at ActiveRoles.SyncService.QcPasswordService.HostFactory.CreateQcPasswordServiceServiceHost()
   at ActiveRoles.SyncService.Server.ServiceHostWrapperFactory.<>c__DisplayClass0_0.<CreateServiceHostWrapper>b__0()
   at ActiveRoles.SyncService.Server.ServiceHostWrapper.ClosedState.Open()"
Resolution
Solution 1: Import the enforced custom certificate from the legacy Active Roles Synchronization Service server, then restart the service.
Solution 2: Make an exception to the Group Policy Object for the new server, then restart the service.
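
To confirm the cause before applying a fix, or to verify Solution 1 afterwards, the same lookup the log shows can be repeated from PowerShell on the Synchronization Service server. This is an added example, not vendor-supplied code; the thumbprint and port are the values from this page, and the `HasPrivateKey` and `NotAfter` columns are extra checks added on the assumption that a service certificate needs a private key and must be within its validity period.

```powershell
# Added example: values below come from the log excerpt on this page.
# Replace the thumbprint with the findValue from your own verbose log.
$Thumbprint = 'B0A224B7A2CDB40CE67767E5DFBB5F65BA02D11C'
$Port       = 15173

# Normalise the thumbprint: pasted values often carry spaces or an
# invisible character copied from the certificate properties dialog.
$clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

# Same lookup order as the log: LocalMachine\My first, then CurrentUser\My.
# CurrentUser here is the account running this script, which may differ
# from the account the service runs under.
$found = foreach ($location in 'LocalMachine', 'CurrentUser') {
    Get-ChildItem -Path "Cert:\$location\My" -ErrorAction SilentlyContinue |
        Where-Object { $_.Thumbprint -eq $clean } |
        Select-Object @{ n = 'Store'; e = { "$location\My" } },
                      Subject, NotAfter, HasPrivateKey
}

if ($found) {
    # Assumption (not stated on the page): the certificate is only usable
    # if HasPrivateKey is True and NotAfter is in the future.
    $found | Format-List
} else {
    Write-Warning "No certificate with thumbprint $clean in LocalMachine\My or CurrentUser\My."
}

# Is anything bound to the Sync Service port?
$listener = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
if ($listener) {
    $listener | Select-Object LocalAddress, LocalPort, OwningProcess
} else {
    Write-Warning "Nothing is listening on TCP port $Port."
}
```

Run it from an elevated session; after the certificate is imported and the service restarted, both checks should return a result instead of a warning.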