Hi all,
I have a problem with authentication of users in nested AD groups, because they are not able to login with group-based roles.
Logon is however possible if the same users are directly configured within Access control.
Would be here a possible solution as explained in KB2079763 for Log Insight 4.5?
Thanks!
So, I found the solution for it...
It is possible and safe to use recommendations for vRLI 4.5 on 8.0.1 also.
Workaround for LogInsight Standalone:
Add following lines here https://fqdn/internal/config :
<ad-nested-groups value="true" />
<ad-nested-groups-matching-chain-rule value="false" />
No need to restart services, change is immediate and users in nested groups were able to log in.
Workaround for 3 Node Cluster:
Add following lines here https://fqdn-ILB/internal/config (Master node ILB):
<ad-nested-groups value="true" />
<ad-nested-groups-matching-chain-rule value="false" />
Configuration will be replicated on all nodes. No need to restart services, change is immediate and users in nested groups were able to log in.
Here's KB -> https://kb.vmware.com/s/article/2079763
So, I found the solution for it...
It is possible and safe to use recommendations for vRLI 4.5 on 8.0.1 also.
Workaround for LogInsight Standalone:
Add following lines here https://fqdn/internal/config :
<ad-nested-groups value="true" />
<ad-nested-groups-matching-chain-rule value="false" />
No need to restart services, change is immediate and users in nested groups were able to log in.
Workaround for 3 Node Cluster:
Add following lines here https://fqdn-ILB/internal/config (Master node ILB):
<ad-nested-groups value="true" />
<ad-nested-groups-matching-chain-rule value="false" />
Configuration will be replicated on all nodes. No need to restart services, change is immediate and users in nested groups were able to log in.
Here's KB -> https://kb.vmware.com/s/article/2079763