Active directory groups modified on AD Server alarm
search cancel

Active directory groups modified on AD Server alarm

book

Article ID: 330473

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Title: Alarm for groups.active_directory_groups_modified
Event ID: groups.active_directory_groups_modified

Alarm Description

  • Purpose: Active directory Groups can be modified on Ldap Server.
  • Impact: In this case, the user will not be able to update the policy group containing the Active Directory Group that has been modified on the LDAP server, unless the policy group definition is modified to remove all invalid members and include the valid Active Directory Group members.

Environment

VMware NSX-T Data Center

Resolution

Steps to resolve
For 4.1.2 and higher

Recommended Action:

  1. Go to the Inventory Groups UI and search for the policy group for which the alarm is generated.
  2. Edit the policy group definition to remove the invalid members and add the valid Active Diectory Group members.
  3. After successful editing of policy group, the alarm status will be resolved.

Maintenance window required for remediation? No

Additional Information

API reference:

https://{{nsx-ip}}/api/v1/alarms?feature_name=groups&event_type=active_directory_groups_modified&status=OPEN

Powered by Wolken Software