Samanage Users Role by AD Group Not Provisioning
01-29-2018 02:16 PM
When I add the AD group to the Samanage Users Role, the user gets provisioned in Centrify, but it won't be provisioned in Samanage correctly, so the Samanage portal says "Unable to Launch Application - You do not have access to this application or the application has been removed." after the Centrify authentication. But if I add the individual AD user account to the same Role, the user gets provisioned both in Centrify and Samanage correctly. What causes this?
Solved! Go to Solution.
01-30-2018 04:28 PM
Hello and welcome to Centrify Community!
When you say it won't be provisioned in Samanage correctly, can you elaborate? Are you seeing the user there, is it missing attributes, ...? This can be caused by different things. Replication issue in your AD, Centrify Connector not picking up the change (but the user won't be provisioned at all), ...
Looking forward to hearing back from you,
01-31-2018 07:55 AM
The attempted user will show up under Users in the Cetrify admin console, but it won't show up under Users in the Samanage admin console. Since it shows up in the Centrify admin console, I believe the AD connector is working fine. In fact, when I add this user to the Role members individually, it will show up under the Users in the Samanage admin co nsole as well, and they can proceed to the portal correctly. I hope this explains. Thanks.
02-01-2018 01:45 PM
Thank you for the clarification!
I have opened up a Support case to further investigate this issue. You should have received an email from me.
We will be posting the resolution once we get this fixed.
02-02-2018 11:06 AM
After whitelisting the Domain Controllers that are on the same site, as the other ones had replication issues, and adding the Centrify Connector service account to the "Windows Authorization Access Group", the user was successfully provisionioned to Samanage.
For further information, please see following KB articles: