7 Troubleshooting Logon Manager
on Microsoft AD LDS (ADAM)

If Logon Manager is unable to connect to the target AD LDS (ADAM) instance, try connecting to your AD LDS (ADAM) instance directly using the ADSIEdit tool. If you still cannot connect, the possible causes are described below

7.1 The Target AD LDS (ADAM) Instance is Not Running

Your AD LDS (ADAM) instance runs as a service on the target server. Use the Computer Management MMC snap-in on the target server to check whether the AD LDS (ADAM) instance is running by doing the following:

  1. Open the Computer Management console. (The quickest way is to right-click on My Computer and select Manage from the context menu.)

  2. In the left-hand pane select Services. The console displays a list of services installed on the system.

  3. Locate your AD LDS (ADAM) instance in the list.

    Surrounding text describes image104.png.

  4. If the instance's status is "Stopped," start it as follows:

    1. Double-click the instance. The instance's property dialog box appears.

    2. Ensure that the Startup Type option is set to Automatic (if it isn't, set it).

    3. Click Start and wait for the instance to initialize.

    4. Click OK to close the property dialog box.

If the instance's status is "Started" and you still cannot connect, you may be connecting to the instance using the wrong port. See the next section for more information.

7.2 AD LDS (ADAM) Instance is Running on Non-Default Ports

If you configured your AD LDS (ADAM) instance to use custom ports, you must instruct Logon Manager (and other software, such as ADSIEdit) to use those ports when connecting to the AD LDS (ADAM) instance. To troubleshoot this issue, do the following:

  • To check the ports on which the target AD LDS (ADAM) instance is running, see AD LDS (ADAM) documentation.

  • To check (and correct) the ports Logon Manager uses to connect to AD LDS (ADAM), examine the contents of the Servers field in the Console. Logon Manager uses the default port (636 for SSL connections, 389 for non-SSL connections) unless a specific port number is appended to the server URL, for example dc1.company.com:9448.

7.3 Account Used to Connect to AD LDS (ADAM) Does Not Have the Required Privileges

If Logon Manager cannot connect to AD LDS (ADAM), check whether the user account used to connect to AD LDS (ADAM) has the required privileges. To check and set the privileges for a user account, see the operating system and AD LDS (ADAM) documentation.