on 09-05-2008 10:45 AM
hi Guys,
environment = XIR2 SP2, running on 2 separate servers, in Test and Live.
Created a new AD group, and added it to Mapped AD Member Groups. An error message was returned (which I didn't capture!) which mentioned "duplicates in folders" ??
New AD group is visible in All Groups etc, but authentication is not working.
Tried it again with another test AD group, with same result.
Any attempt to update the Windows AD tab in CMC, gives following error:
Error updating Windows AD authentication properties: Active Directory Authentication failed to verify one or more of the mapped groups. If the problem persists, please delete and re-map into BusinessObjects Enterprise the following group(s): S-1-5-21-381331107-1882379211-181669542-40529; S-1-5-21-381331107-1882379211-181669542-40530
I've looked at these SIDs with psGetSid and they are not AD groups...
I've tried all this in Test and it works fine, just not in Live!
any thoughts/advice gratefully accepted!
there's a cleaner way of doing this but try using query builder
select * from ci_systemobjects where si_name='secWinAD'
Do not copy that type it.
When it returns all the sids will be listed and they correspond to the AD groups mapped in the CMC/auth/windowsAD
Regards,
Tim
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hi Tim,
thanks for the reply.
That query gives me a list of the SIDs that are mapped, and it includes the 2 that XI is reporting a problem with.
(funny thing is, there are 17 SIDs listed, but there are 19 AD Groups listed on the Windows AD tab in CMC?)
Any ideas on how to get rid of the 2 problem SIDs?
I've tried removing them from the list in the Windows AD tab, and updating, but just get that error message...
User | Count |
---|---|
87 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.