2 Replies Latest reply on Sep 11, 2012 1:03 PM by paulbr

    Problems with AD Group Login

    paulbr

      We recently started using AD Groups for automatic login which has been working fine.  However, I just added a group of users from a different domain in our forest and they are unable to login.  I did some searching around and some people said that assigning the group "Allow logon locally" permissions to the Orion server but that didn't fix the login error.  I also found this error in the OrionWeb.log file: SolarWinds.Orion.Web.AuthorizationManager - Warning: Checking Group membership; Account Group 'domain\groupname' contained NULL SID.  I checked the Accounts table in the NetPerfMon database and found that the group that couldn't login had no entry in the SID column.

       

      It seems like the problem has something to do with permissions between the two domains as all the groups added from the domain the Orion server is a member of have SID values.  The small print when adding a new group says you need administrative rights but my account has read-only and I haven't had any problems adding groups before.  Are there any special permissions required for adding a group in a different domain?  I was also thinking of manually updating the database with the SID value but I would prefer to have the group added properly to Orion.