• State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 24 subscribers
  • Views 505 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

AD groups login with PKI issues

jtwis

We are having issues with our solarwinds logging in.


We have an entire group that is unable to log in with their PKI token. We have tried doing IE, edge, chrome and FireFox. With FireFox it is giving us a prompt for a username\password just to get to the site. Edge\IE\chrome just goes right to a login page.

I have removed the group from SW and readded it, and still no luck.

To throw another wrench in the gears, we ahve two other groups that have users that can log in, and some that cannot.

I can take those users and add them as individual accounts and they log in without and issue.

Any suggestion on where I need to look to get this taken care of would be helpful.

  • 0

    Hi jtwis​,

    If some users are working and others are not, that would suggest that something is wrong with the configuration you have done rather than general login to the help desk.

    If we wanted to confirm this, we would simply stop the AD connection via PKI and try the general login.

    If you go to Clients and do an Advanced Search with no criteria, do you find the users that are having issues in the list?

    How have you gone about configuring this, do you have anything you can show so we can review your configuration?

    -Midnight

  • 0 in reply to fluffy_midnight

    Thank you for replying.

    I am not the one who set up the application, and unfortantely I do not have anything I can show for the configuration. If you can suggest something that you would think to look at, and where I can find it, I will tell you the settings, but I am unable to post pictures and the application is on an enclosed enclave that I cannot get screenshots off.

    As far as when you said "If you go to Clients and do an Advanced Search with no criteria, do you find the users that are having issues in the list?" Are you suggesting going to "users" and searching for the ones that aren't able to log in?

    I am working on checking the connection to AD as you also suggested.

  • 0 in reply to jtwis

    Hi jtwis​,

    Check within the Advanced Search, here's a screenshot of the thing you're looking for:

    pastedImage_0.png

    Note that the configuration may have a different name to 'Clients', such as "Users" that you've mentioned.

    You can search on the AD connection that you have, then locate whether the users having login issues are in the list or not:

    1. If they are, then you need to review how they've tried logging in; did they have insufficient login details, etc...

    2. If they aren't, you need to review the AD connection settings.

    3. If no one is displayed in the list, remove that filter and search again, locate a user you believe has been synced by AD and check the LDAP Connection field within their account information.

    Let's see where we go from here.

    -Midnight

  • 0 in reply to fluffy_midnight

    Unfortantley I am not seeing that option for advance search in our user section. I did notice that you are running a different version that we are. Our Orion Platform is 2016.2.100.

    I did go through and checked all the users who cannot log in, and solarwinds is able to find them through AD when I try and make them user accounts. And those account will work in logging in, just not them being part of a security group.

  • 0 in reply to jtwis

    Hi jtwis​,

    The Web Help Desk application isn't part of Orion, which application are you on about when you cannot sync the user from AD?

    Are you able to provide screenshots of what you can see?

    -Midnight

  • 0 in reply to fluffy_midnight

    With that last reply, I think I might have posted this in the wrong forum.

    I am trying to get users logged into the Orion software thourgh the website. Using the orion, where they can use NLM, NPM and such.

    If that is not what this one is for, I will try another.

    And no, I am not able to provide screenshots as I am not able to get them off the enclosed enclave we use solarwinds on.

  • 0 in reply to jtwis

    Hi jtwis​,

    This was submitted to the 'Web Help Desk' area rather than any Orion-related product.

    The configuration of AD within the Orion platform should allow you to determine which OU's are synced so you can prevent users from different groups from accessing the platform. I would recommend reviewing this configuration.

    -Midnight

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.