Tell them it is a core bug. JIRA Case: CORE-15843
Then refer them to this thwack link. Even though it is outside the Normal support as it is Orion SDK/API, they should have basic knowledge on what are…
Ok, then that might be the issue. Latest HF requires the latest SWQL or you get an error on logging in looking something like that.
Just one thing to make sure, if you have the latest hotfixes for Orion you also need the latest SWQL studio - do you have the latest SWQL studio?
Also, are your AD users added as groups or individual accounts…
Error in the GUI : Unable to connect to Information Service. Invalid Username or password
2022-04-20 14:45:27,860  INFO SolarWinds.Orion.Web.OrionMixedModeAuth - (null) (null) Successfully retrieved WindowsIdentity for user Domainxx\x123456a.
2022-04-20 14:45:28,203  INFO SolarWinds.Orion.Web.AuthorizationManager - (null) (null) WindowsAuthorizationManager.CheckCreateUser() failed: System.ArgumentException: The (&(|(objectClass=user)(objectClass=group))(|(objectSid=S-1-5-21-3499964120-3315823391-1593708255-811737)(objectSid=S-1-5-21-3499964120-3315823391-1593708255-1002140)(objectSid=S-1-5-21-3499964120-3315823391-1593708255-1246602)(objectSid=)(objectSid=S-1-5-21-3499964120-3315823391-1593708255-1002139)(objectSid=S-1-5-21-3499964120-3315823391-1593708255-801432)(objectSid=S-1-5-21-3499964120-3315823391-1593708255-1093599))) search filter is invalid.
at SolarWinds.Orion.Web.Authentication.Windows.DirectoryServices.GetDistinguishedNames(IEnumerable`1 sids)
at SolarWinds.Orion.Web.AuthorizationManager.WindowsAuthorizationManager.GetDomainGroups(WindowsIdentity identity, IEnumerable`1 orionDomainGroupsSids)
at SolarWinds.Orion.Web.AuthorizationManager.WindowsAuthorizationManager.CheckGroupMembership(WindowsIdentity identity)
at SolarWinds.Orion.Web.AuthorizationManager.WindowsAuthorizationManager.GetUpdatedVirtualUserFromGroupMembership(WindowsIdentity identity, String errorMessage)
at SolarWinds.Orion.Web.AuthorizationManager.WindowsAuthorizationManager.CheckCreateUser(WindowsIdentity identity)
at SolarWinds.Orion.Web.AuthorizationManager.CheckCreateUser(IIdentity identity)
2022-04-20 14:45:28,203  WARN SolarWinds.Data.Providers.Orion.OrionAccountValidator - (null) (null) Invalid username or password for user 'Domainxx\x123456a' via Windows Authentication.
If I try the "Orion V3 AD" login method (no need to enter password), it gives GUI error as below
Unable to connect to Information Service. The server has rejected the client credentials.
I could not see anything in the log file for this.
We tested with latest version of SWQL and it still does not work. The API access via Python SDK is also not working for AD Group Users. So I guess the issue is not with SWQL but with Core or Information service API.
We dont use individual accounts as there is few many users who need API access. Ex: Users use scripts to mute/manage multiple nodes as part of a Change
Also noticed, when I add a new Orion local user it has only access to the Orion scheme and not to NCM, Cirrus etc. But older local accounts can access all schemas in SWQL.
Looks the whole authentication for API's seems to be mess for me. Is there a way to reset the stuff? like a clean slate and start again
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK© online community. More than 180,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.