Sophos Cloud AD Sync Utility retrieves 0 users and 0 Groups from Active Directory

  • Article ID: 121252
  • Updated: 08 Apr 2015


When configuring the Sophos Cloud AD Sync Utility, you see the following error message in the user interface and the log file of the utility.

Found 0 AD users.
Found 0 AD groups.

In addition to the above messages, the log file contains the following text:

Page:1 contains 2 response entries
Last page detected in LDAP result.
The result set was not paged.
Search returned 2 records.
Unable to find netbios name for DC=[X],DC=[Y]

First seen in

Sophos Cloud


You have more than one domain, i.e a child domain.  Version 1 of the AD Sync utility did not support multiple domains.

What To Do

Upgrade to version 2 of the AD Sync utility.  The utility should perform a version check on each synchronization, failing which, you can always download the latest version by logging in to Sophos Cloud and navigating to 'Users & Devices' > 'Active Directory'.

Note: The information below is related to version 1 of the utility and has been left for reference.

As a workaround to this issue with version 1 of the utility, it is possible to import the users and groups from one of the domains.  To do so, under CN=Partitions,CN=Configuration, you can deny the Windows user configured in the Sophos Cloud AD Sync utility access to one of the domain objects.  As a result the utility will only 'find' the one single domain and be able to determine the NetBIOS domain name.

Note: The following tools may be used to set these permissions:

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent