Troubleshooting
Learn how to diagnose and resolve common AD Unlock issues.
Quick Diagnosis
Start by identifying the category of your issue:
Diagnostic Steps
Step 1: Check Connector Status
In Admin Portal → Connectors:
- Online (green): Connector is connected and healthy
- Offline (red): Connector not connected to gateway
Step 2: Check Logs
# View recent connector logs
Get-Content C:\ADConnector\logs\connector.log -Tail 50
# Look for errors
Select-String -Path C:\ADConnector\logs\connector.log -Pattern "error|failed"Step 3: Test Connectivity
# Test gateway
Test-NetConnection -ComputerName api.adunlock.me -Port 443
# Test LDAPS
Test-NetConnection -ComputerName dc01.company.local -Port 636Step 4: Run Verification Script
cd C:\ADConnector
.\Test-ConnectorInstallation.ps1Common Error Messages
| Error | Meaning | Solution |
|---|---|---|
connection refused | Gateway unreachable | Check firewall, allow outbound 443 |
certificate signed by unknown authority | SSL inspection active | Add api.adunlock.me to bypass list |
LDAP bind failed | Wrong credentials or DC unreachable | Verify service account and DC connectivity |
user not found | User not in allowed OUs | Add OU to allowed_ous in config |
permission denied | Service account lacks permissions | Re-run permissions script |
Getting Help
If you can’t resolve the issue:
- Collect logs from
C:\ADConnector\logs\ - Note the error message and when it occurs
- Contact support at support@adunlock.me
Include:
- Connector version
- Error messages
- Steps to reproduce
- Relevant log excerpts (remove sensitive data)
Last updated on