Auth0 Home Blog Docs

NotInThisNodeError using AD Connector

error
ad-connector

#1

We are using AD Connector and today a user was unable to login a handful of times in a row and the error message that shows up in the Auth0 logs is “NotInThisNodeError”

Does anyone have any additional information on this error and what may cause it? I haven’t been able to find much of anything through searching.


#2

The error in question is usually associated with loss of connectivity between the AD Connector and the Auth0 service and a connector configuration that does not make use of cached credentials or the end-user in question did not had cached credentials.

If the situation restored itself then a temporary network situation was the likely cause.


#3

Thank you! Can any Auth0 mods confirm?


#4

I just received the error and was able to check the server in question and it did not lose any network connectivity and was able to access auth0.com through a browser so I’m less confident it’s explained by a network glitch. So this means I was able to see a login fail becaose of a NotInThisNodeError, confirm the server could get to auth0.com, and then try another login immediately after and have it fail with a NotInThisNodeError.
At this point, I restarted the Auth0 ADLDAP service and my next login request went through successfully.


#5

I just received the error and was able to check the server in question and it did not lose any network connectivity and was able to access auth0.com through a browser so I’m less confident it’s explained by a network glitch. So this means I was able to see a login fail becaose of a NotInThisNodeError, confirm the server could get to auth0.com, and then try another login immediately after and have it fail with a NotInThisNodeError.
At this point, I restarted the Auth0 ADLDAP service and my next login request went through successfully.


#6

The communication to Auth0 in this case is not through HTTPS (it’s web sockets) so the test through the browser although valid to eliminate complete lack of communication scenarios may not be a definitive test. Is there any information available from the Connector logs that looks suspicious or that you can share?


#7

I’ve been able to watch the logs come in as I attempt to log in and in some cases I even see log entires for my seemingly successful profile bind and profile enrichment yet the Auth0 login prompt hangs and eventually errors. Often, after a couple of failed attempts, it goes through immediately.
The only thing that stands out in the logs is that it regularly detects some clock skew.


#8

Additionally, I verified that our servers running the connectors are synced to an external time source.


#9

The clock skew reports can lead to issues and that’s why it’s called out in the logs, however, to be honest I’m not sure if it can manifest itself with this exact error as I never actually tried it. However, I have the suspicion it can as the error itself implies the user authentication could not be completed directly with AD and the clock skew could be the reason it fails.


#10

What’s the external service you’re using?


#11

Thank you for the responses. I have a support ticket for this issue but I will post back if there’s a solution for the benefit of anyone else that comes across this thread.


#12

Was there a resolution discovered for this, I am having a similar issue when I “Disable Cache” for the AD Connector.


#13

No, the ticket is still open and being worked on.


#14