Announcement

Collapse
No announcement yet.

Users Active Directory

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Users Active Directory

    Good afternoon.

    I need some help. I use Nxfilter with an Active Directory connection.

    Sometimes users are reporting that when trying to log in, the page gives an incorrect password error.

    So, I have to go to the Active Directory menu, delete the user, and import them again.

    Simply importing them isn't solving the problem.

    At the same time, I would suggest a way to delete all imported users from AD. So that when the connection is made again, it imports them all. This way, there won't be any "junk".
    Tags: None
  • #2
    Do they have any special characters in their passwords? This can be a problem because we query user credentials to the DC, and special characters sometimes cause errors. The best way is to use an SSO agent like nxlogon or cxlogon.

    Also, if you delete the AD setup on the GUI, all imported users and groups will be deleted. We do not have a delete button because it is dangerous and rarely needed.

    Comment

    • #3
      So, yes, the passwords are there, but they work perfectly.
      There are two issues.
      If, in AD, we administrators change the users of some OU organization without deleting the user and re-importing it, they can no longer log in.
      Also, it happens that on the day the password expires, it also gets blocked. However, in Windows, it accesses normally on the expiration date.

      It seems that even though the import occurs automatically, it doesn't update this information.

      I did what you suggested, I deleted the connection and created it again. Then it imported everything at once.

      Comment

      • #4
        If I understand the situation correctly, the login failure happens right after you move a user to another OU. This is because NxFilter stores and uses the absolute LDAP DN for user authentication. When you move a user between OUs, their DN changes in Active Directory.

        Therefore, right after moving a user, you need to run a manual import (sync) in NxFilter to force-update their new DN. If doing a manual sync still doesn't solve it, we might need to look for another approach.

        Comment

        • #5
          So, from what I understand, the manual or automatic update will only work if you delete the old one.

          Simply importing doesn't update.

          Comment

          • #6
            Don't know what's 'Simply importing'. When I said 'update', it's an importing. When you import users, the changes for DN will be updated.

            Comment

            • #7
              I meant:

              If you access the AD menu, click Import, or wait for automatic synchronization.

              The update doesn't run. (This is in the situations I mentioned, when there's a change in the OU).

              It only works if you delete the user and click import again.

              Comment

              • #8
                OK. We will use UPN for AD user login then. It will be done with the next version.

                Comment

                Previous template Next
                Working...
                X