Active Directory nested groups have no role assigned in Operations for Logs
search cancel

Active Directory nested groups have no role assigned in Operations for Logs

book

Article ID: 388496

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

After configuring Active Directory authentication in Operations for Logs and Importing Active Directory groups, members of nested groups are able to log in but receive an error stating they do not have any rights assigned.

Environment

Aria Operations for Logs 8.12.x

Cause

Nested groups functionality is disabled by default in Operations for Logs.

Resolution

  1. Take snapshots of the Operations for Logs nodes before performing any maintenance.
  2. Browse to the internal config page of the primary node at https:// Primary_Hostname_Or_IPaddress/internal/config per the article.
  3. Locate the <ad-nested-groups value="false" /> line and change to true per the article.

  4. Restart loginsight service on all the nodes.
    service loginsight restart