Support » Plugin: Active Directory Integration » Active Directory Groups

  • So I have Active Directory authentication working except when I enable “Authorize by group membership”.

    We are in a single forest with multi-domain configuration. To allow users to authenticate from any domain, we point to our global catalog server on TCP/3268 (3269 for TLS). Our base search is configured for DC=xx,DC=net and we use the UniversalPrincipleName for authentication. This all works.

    When I enable the group that we want to match users against, it is in a subdomain DC=yy,DC=xx,DC=net. The Universal group in that domain is set as NET-MGMT-IT-ADM. I’ve tried combinations of NET-MGMT-IT-ADM, YY\NET-MGMT-IT-ADM, & NET-MGMT-IT-ADM@yy without any luck. Kind of stuck, and the only thing killing me at this point.

Viewing 1 replies (of 1 total)
  • Have you tried removing and reinstalling the plugin? Just something to try.

    I had a problem on one of the first sites I used this plugin in where it wasn’t adding the account suffix to logins. One day it just decided to work. I’m not sure what happened but it fixed itself. I wonder if maybe you have a similar thing going on.

Viewing 1 replies (of 1 total)
  • The topic ‘Active Directory Groups’ is closed to new replies.