RESOLVED: Members in same AD group can't login

Fue · June 7, 2019, 9:25pm

Hello Community,

We’ve begun playing with Open Distro security and have run into an interesting issue. We have configured AD authc/z and for the most part can logon without any issues. However, there are certain users that are in the same mapped AD role as I am that are unable to login. When those users try to login, they get this message:

There are two differences (not sure if they matter) with these users:

They have almost double the number of AD groups on their account
When searching for their userid in the domain they have other special accounts that show up (the ID is a tad different, eg user123-special)

We have not been able to figure out what is causing this logon issue so reaching out to see if anyone has seen this problem.

Much appreciated!

Thank you,
Fue

Fue · July 8, 2019, 2:21pm

The issue was with nginx. The http headers for users that had the issue were too long so we increased the proxy buffer size on nginx which resolved the issue.

Topic		Replies	Views
User keeps access after remove in AD group Security	1	555	April 28, 2021
AD ldap authz : nested AD group supported? Security	12	428	December 14, 2022
New Users for LDAP Auth Not Being Recognized OpenSearch troubleshoot , configure	1	166	July 5, 2022
Open distro ldap authorization Security	2	517	June 9, 2021
Support for Multiple Active Directory Domains Security	4	944	May 7, 2021

RESOLVED: Members in same AD group can't login

Related Topics