After enabling Zone Role Workflow and trying to add a zone role the errors may appear
Unable to retrieve all hierarchical zones
username or password is incorrect
When the cloud fetches the list of zones/roles in the environment, it uses the domain administrative account instead of the credentials of the user who is currently logged in. The errors are indicating that the tenant cannot validate the credentials provided for domains administrative account.
There are 2 steps to take to identify and resolve the problem.
1. Correct and/or verify the credentials of the domains administrative account.
Open admin portal, navigate to
Domains -> <select the domain > -> Accounts -> <select the administrative account> -> Actions -> Verify Credentials
Observe the popup at the top and confirm the credentials worked. If there is a failure to verify the credentials, update the accounts credentials then set the domain administrative account once again.
2. Check the format of the username defined for the domain administrative account.
The format of the domain administrative account should be just the username. It should not include @domain.com as part of the name as the account must already, by definition, be a domain account. If the username has an incorrect format, remove the account and re-add it using the proper format.