You receive the Error DecryptPayload failed. exception Padding is invalid and cannot be removed when using ADUS to synchronize AuthAnvil users


When attempting to sync users between Active Directory and AuthAnvil using ADUS, you find "Error: DecryptPayload failed. exception: Padding is invalid and cannot be removed" in the AuthAnvil event log on the AuthAnvil server.



The shared secret between the ADUS clients and the ADUS web service does not match.



Open AuthAnvil Manager > Settings > Active Directory Synbcronization (ADUS)  > Shared Secret - Update this to match ADUS.

If changing the secret on the AuthAnvil Manager does not solve the problem, you will need to reconfigure the Shared Secret on any ADUS clients as well. 

To do this, open the ADUS Configuration tool under Start Menu > All Programs > Scorpion Software > AuthAnvil > ADUS Configuration Editor.  Type the Shared Secret and click "OK".



ADUS all versions unless otherwise noted,  AuthAnvil v4.0 and later.



If you have any questions or need some help, we would be happy to assist. Open a case at or send an email to

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section