Return
-
Title
AD groups for Spotlight authentication -
Description
Can Spotlight authentication be managed via Active Directory groups instead of using Quest Diagnostic Users and Quest Diagnostic Administrators as local groups (for that authentication) ?
This is to prevent local administrators having the ability to add/remove users/groups from Diagnostic Server local groups. -
Cause
It is not possible to use Active Directory groups to replace the “Diagnostic Administrators”, “Diagnostic Users”, “Diagnostic Read-Only Users” local groups. These groups are used for client authenticate with the Diagnostic Server. -
Resolution
WORKAROUND:Add an Active Directory security group as a member of these three local groups then an end user can add an Active Directory account to the Active Directory group for Diagnostic Server authentication.