Jump to content

Recommended Posts

Posted

Hi,

I have my Access up and running, but after I install the Access Connector, the Directory Sync and Auth Sync services are not running. There is only error "Service terminated unexpectedly"

When I navigate to Access Admin console page, I cannot see the connectors details there, its empty like new.

Connector version is 23.09

In log file for Directory Sync I found this error: com.vmware.vidm.eds.gateway.operations.EnterpriseServiceRegistrationManager - Unable to register EDS ScForbiddenException[Operation: POST -> https://my-access-appliance-hostname/SAAS/jersey/manager/api/enterpriseservices][Status:403] 

Can anyone help with this?

 

  • 2 weeks later...
Posted

Hello,

Same issue here ! 

I see the Connector on Access admin portal but the Health statut is error. 

I will try the Access connector reinstallation...

  • Employee
Posted

Most likely is not able to register with AD corrrectly. A reinstall of the connector installer should be sufficient providing you have the correct files downloaded from the Access appliance.

Is a CA signed certificate being used or the default self signed?

  • Employee
Posted

@ivan_531 is that the same env where you got issues creating OAuth tokens? Connector would also use tokens to communicate, is it working after you were able to create tokens now? To fully check on issues like that it would require a set of logs from Access and the Connector.

 

  • 3 weeks later...
  • Employee
Posted
On 7/11/2024 at 3:31 AM, ivan_531 said:

Hi,

I have my Access up and running, but after I install the Access Connector, the Directory Sync and Auth Sync services are not running. There is only error "Service terminated unexpectedly"

When I navigate to Access Admin console page, I cannot see the connectors details there, its empty like new.

Connector version is 23.09

In log file for Directory Sync I found this error: com.vmware.vidm.eds.gateway.operations.EnterpriseServiceRegistrationManager - Unable to register EDS ScForbiddenException[Operation: POST -> https://my-access-appliance-hostname/SAAS/jersey/manager/api/enterpriseservices][Status:403] 

Can anyone help with this?

 

Hi Ivan,

I know I'm a little late to this thread, but in my experience, when I can't start Connector services, it's usually because the Connector can't reach outbound to the tenant to get the SSL cert from Access.  Does your Connector have outbound connectivity on 443?  Is there a proxy in between internal network and internet?  Since there hasn't been much activity on this thread, I'm assuming you got this sorted out, if not, let us know, we can try and help further.

  • 1 month later...
Posted

The solution to the problem that works when I have this problem with customers.

1. Generate a new token for Omnissa Workspace ONE Access. (if you have this symptom, you need to re-generate the token, you can't use the token again)
2. You need to prepare the public keys of the Root, Intermediate certificates signing the FQDN address of Workspace ONE Access.

3. You choose the advanced installation of the Agent and upload the certs and the new key. It solves the problem in 99% of cases.

  • Like 1
  • 3 weeks later...
Posted (edited)

The fix Simon suggested was confusing as the 'token' was not related to the Access Connectors. 

The inevitable fix for our environment was a decryption rule that was missing in our firewall.  For our scenario, version 22.09 worked fine, but 23.09 would not. There must be some logic that changes in 23.09 and that could be the source of your issue. I'd take a look at your firewall rules.

Edited by Jack
spelling

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...