Disconnected from Active Directory (AD).
Authentication Services enters into disconnected mode.
Running /opt/quest/bin/vastool status command reports WARNING: 231 QAS daemon is operating in a disconnected state.
CAUSE 1: QAS cannot reach a domain controller due to an environmental issue such as network issue, dns server down, domain controller went down.
1 - Check to ensure the domain controllers are reachable.
a) /opt/quest/bin/vastool info cldap yourdomain.com
b)This command will check for a SRV record for your domain.
> set type=srv
For example: > _ldap._tcp.dc._msdcs.LG.TS.HAL.CA.QSFT
_ldap._tcp.dc._msdcs.LG.TS.HAL.CA.QSFT service = 0 100 389 dc-plg2.lg.ts.hal.ca.qsft.
Authoritative answers can be found from:
dc-plg2.lg.ts.hal.ca.qsft internet address = 10.5.84.114
2 - If domain controller are available, try restarting vasd to see if another server is picked up. Then re-run the vastool status command to check if it reports healthy.
3 - Note the information reported by this command : /opt/quest/bin/vastool info servers Rejoin the server to AD : /opt/quest/bin/vastool -u ADUSER join -f YOURDOMAIN.com
Do the vastool status and vastool info servers commands again and compare output. Sometimes there is a problem with what AD site the clients are contacting.
Remove the /var/opt/quest/vas/vasd/.force_disconnected_mode file and restart the vasd process
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback 使用条款 隐私