We have an untrusted domain, where the System and Group discovery worked very well until the 01-2022 CU patch got installed on the SCCM Site server (Server 2016).
The log is giving me the following error:
Active Directory Security Group Discovery Agent failed to bind to container LDAP://domain.com/OU=ou,OU=ou2,DC=domain,dc=com
Error: The user name or password is incorrect.
Possible cause: The AD container specified earlier might be invalid now. The Domain Controller is inaccessible.
Solution: Please verify that the AD container paths specified are valid. Confirm accessibility of the site server to the Domain Controller to be queried.
We use a Service account from the DMZ domain to do the discovery: (dmz\service-account).
If I remove the CU from the Site Server, the discovery works well again.
I hope someone can point me in the right direction with this problem.