I have been hunting down a random AD user authentication issue that suddenly popped up over the past few weeks in our Orion environment. Our environment has been in place for 8 year plus and this is a new issue. Never had anything like this before so going back to the basics. Support is trying to help be we not found the smoking gun as of yet.
While looking for a list of the required AV exclusions I am baffled by the number of dead links and conflicting information. Does anyone have an official list of what files / folders must be excluded from AV scanning as directed by Solarwinds? I would like to find the official SW documentation as I will have to reference the vendor info when I ask our security team to reverify the exclusions are in place. We had requested these exclusions before, and they were in place, but we are double checking every possible corner for issues.
Thanks in advance if anyone can point me to the documentation.
Our issue: users with individual AD group accounts are able to log into Orion without issue. Users who are granted access via an AD group are unable to log in at random times. A server reboot enables their login for 10 - 12 hours and then it starts to fail again. If users are given a local account (non AD) they can log in fine. Users with individual AD logins have no issue. This only impacts users who are part of multiuser AD groups. Example steve@florida.com is able to log in fine, joe who is a member of the orionusers@florida.com AD group can't log in. Joe is given a local login (or server is rebooted) and Joe can log in fine. 12 hours later repeat.
