We have identified some Active Directory (AD) users who cannot log in to the Foglight FMS.
They could not log in, and the message indicates: "LDAP account 'user_name' was imported in the Management Server successfully. However, you cannot log in until an administrator grants permissions to your account. Please contact your administrator." You can see their user accounts in the management console, though no roles are applied.
It seems that Foglight does not see the AD group and the delegated role for these specific users. Other users do not require administration after initial login, since their AD group is already defined in Foglight's groups.
There was a typo in the LDAP Configuration -> "The second group namespace" entries: "DC=" was entered twice (DC=DC=).
That explains why some users worked and others did not. Foglight queried the users that were able to authenticate in the first scope search option, while the users that failed were dependent on the second namespace DN.
The entry containing the typo was:
OU=Dynamic Groups,DC=DC=prod,DC=mycompany,DC=corp
RESOLUTION: The corrected entry is OU=Dynamic Groups,DC=prod,DC=mycompany,DC=corp
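A DN with a duplicated attribute type such as DC=DC=prod is still syntactically valid (RFC 4514 allows an unescaped "=" inside a value), so it is not rejected as malformed and only shows up as failed group lookups. The following lint is an added example, not part of Foglight or the original article; the function names are hypothetical and the sample DNs are the two from this page.

```python
import re

# Attribute type: short name (DC, OU, CN) or dotted numeric OID.
ATTR_TYPE = re.compile(r"(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)")

def split_unescaped(text, sep):
    """Split on `sep` unless it is escaped with a backslash."""
    parts, cur, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            cur.append(text[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(text[i])
        i += 1
    parts.append("".join(cur))
    return parts

def check_dn(dn):
    """Return a list of problems in a DN string; an empty list means none found."""
    problems = []
    for rdn in split_unescaped(dn, ","):
        for ava in split_unescaped(rdn, "+"):   # multi-valued RDNs
            ava = ava.strip()
            attr, sep, value = ava.partition("=")
            if not sep or not ATTR_TYPE.fullmatch(attr.strip()):
                problems.append(f"{ava!r}: not in attribute=value form")
            elif not value.strip():
                problems.append(f"{ava!r}: empty value")
            elif len(split_unescaped(value, "=")) > 1:
                # Heuristic: legal syntax, but almost always a typo.
                problems.append(f"{ava!r}: unescaped '=' inside the value "
                                "(duplicated attribute type?)")
    return problems

if __name__ == "__main__":
    for dn in ("OU=Dynamic Groups,DC=DC=prod,DC=mycompany,DC=corp",   # entry with the typo
               "OU=Dynamic Groups,DC=prod,DC=mycompany,DC=corp"):     # corrected entry
        print(dn, "->", check_dn(dn) or "OK")
```

Running this over each configured group namespace before saving the LDAP settings flags the typo that otherwise only surfaces when affected users log in without roles.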