Sync Service is not available

With the Hybrid Module, Sync Service is responsible for communication between the on-premises and hybrid services. Sync Service:

  • Sends policy configuration data to the hybrid service
  • Sends user information collected by Directory Agent to the hybrid service
  • Receives reporting log records from the hybrid service

If you have not yet activated your hybrid service account, or if you have attempted to activate the hybrid service, but have not been able to do so, note that your local web protection software components must be able to communicate with Sync Service before the connection to the hybrid service can be created.

To troubleshoot this issue, make sure that:

  • Sync Service is running.
  • Sync Service is successfully binding to the correct IP address and port.
    • The IP address and port that Sync Service is attempting to use are listed in the syncservice.ini file, located in the bin directory on the Sync Service machine.
    • The IP address and port shown on the Web > Settings > Hybrid Configuration > Shared User Data page in the Forcepoint Security Manager must match those listed in the syncservice.ini file. If you update the configuration file, also manually update the Settings page.
    • The IP address and port in the syncservice.ini file must match the Sync Service IP address and port values in the das.ini file (located in the bin directory on the Directory Agent machine).

    Verify that no other service on the Sync Service machine is binding to the IP address and port that Sync Service is attempting to use. If you suspect that Sync Service is unable to bind to the correct IP address and port, stop the service, open a command prompt, and try to start the service in console mode:

    syncservice -c

    In console mode, Sync Service displays the IP address and port that it is using, or displays an error, if it is unable to bind to the IP address and port.

  • The Sync Service machine can communicate with the Policy Broker machine on port 55880.
  • The Sync Service machine can connect to the Policy Server machine on ports 55806 and 40000, and receive data from Policy Server on ports 55830 and 55831.
  • The management server machine can create an HTTP connection to the Sync Service machine on port 55832.

Also check the Windows Event Viewer or websense.log file for errors from Sync Service.