6 Replies Latest reply on Sep 29, 2016 8:02 AM by d09h

    Solarwinds Login AD Logs

    spross

      Hello,

      We have a user that is in an AD group. The AD group has been added to Solarwinds. No one in this group is able to login.  All of the other AD groups do not have a problem.  They receive the error Bad username or Password.  Is there a SW log file that would show us the error back from AD so that I can show to the Systems team?  There is nothing in the Event viewer (Security and SolarWinds). I need to have a log file showing the issue.

       

      Thanks

       

      Scott

        • Re: Solarwinds Login AD Logs
          HerrDoktor

          I'd start with removing and adding the group to the Orion web-console-login.

          Maybe something went wrong there.

           

          To my knowledge Orion just passes the logon credentials to the domain controller (with the Computer-account) and waits for a positive response. So as long as your Orion Server is an AD Member it should not need any further configuration.

           

          What version are you running (Check the bottom of your Orion Website and post the Versions of all modules here)

           

          Cheers,

          Holger

          • Re: Solarwinds Login AD Logs
            HerrDoktor

            It seems you are not the only one

             

            AD Group Logon broken

             

            Re: Solarwinds AD

             

            Problems with AD Group Login  (this seems most promising: Check the "allow logon locally" rights on your Solarwinds Server)

            • Re: Solarwinds Login AD Logs
              d09h

              I have occasionally fixed AD login issues for users by deleting the involved row (the affected user) from the accounts table in the database.  I did this for users who did not have individual AD accounts but who authenticated through the AD group configured in SolarWinds.  Seemed like the cached information was keeping access from working since removing that information tended to fix the issue.  I did not have access to the AD server or its logs, so the quick and proven fix was preferred over a time consuming research project involving other teams/ priorities.

               

              DISCLAIMER:  Be careful in the database.