
AD Configuration

Milind_Panwalka
Champ on-the-rise

I am trying to configure OnBase for Auto login with AD authentication. I have performed the following steps.

1. Mapped an AD group to an OnBase group.

2. Set Auto login to true in web config file

3. Set AllowNTAuthenticationOnForwarding to true in config file.

4. Launch the client with -AL switch.

I get the following error message: (Error 3839) The current user does not belong to the designated domain.

When I evaluate OnBase group membership for my user account I get the following.

-- Begin User Evaluation --
   Checking for user's domain (ad.dcsc.gov) in set of configured domains.
   Found user domain ad.dcsc.gov in configured domains.
   Using current security context to resolve AD user object.
   Resolving AD user
   Domain NETBIOS name 'ad'
   Domain distinguishedName 'DC=ad,DC=dcsc,DC=gov'
   Domain canonical name: ad.dcsc.gov
   Resolved AD object for user domain 'ad.dcsc.gov'
   Resolving AD object for user 'PanwalkarM'
      Issuing search: (&(objectClass=user)(objectCategory=person)(sAMAccountName=PanwalkarM))
      Search returned successfully
      Found user SID: S-1-5-21-35479550-337188864-1291082073-14532
         Attempting serverless bind to 'LDAP://<SID=S-1-5-21-35479550-337188864-1291082073-14532>'
         User distinguishedName 'CN=Panwalkar\, Milind,OU=WSUS Clients - Workstations,DC=ad,DC=dcsc,DC=gov'
         User's domain: ad.dcsc.gov
         Re-binding user object with 'LDAP://CN=Panwalkar\, Milind,OU=WSUS Clients - Workstations,DC=ad,DC=dcsc,DC=gov'
         Successful bind to AD user object.
   Loading all AD-to-OnBase group mapping objects.
   Found user security principal.  Comparing SIDs.
   Found user's SID
   AD user Panwalkar, Milind (PanwalkarM) is a member of 1 OnBase groups
      MANAGER (1)
   No existing OnBase user with username of 'PanwalkarM'
-- End User Evaluation --

Am I missing anything? I have verified that the username "PanwalkarM" is present in OnBase and belongs to the manager group.

1 REPLY

AdamShaneHyland
Employee

Hi Milind,

Thanks for the post and for providing the logs!

Looking at the logs it appears that OnBase found the SID of the user that you are currently logged in with in the OnBase database and should allow for the user to log in. What you might want to try is deleting the OnBase user from OnBase Config, log back in and try it to see if it would recreate the user.

Let us know if that works.  If it doesn't, I'm going to recommend working with your first line of support to further investigate the issue.

Take care.
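
An added example, not part of the original thread and not OnBase's own tooling: a small Python parser for the user-evaluation output quoted in the question, which pulls out the domain, SID, mapped groups and the "No existing OnBase user" line so the AD side and the OnBase side can be compared directly. The line formats are taken only from that quoted log; the field names and the checks in `findings()` are assumptions made for illustration.

```python
import re

# Constructed sample: abridged from the evaluation output quoted in the question.
SAMPLE = """\
-- Begin User Evaluation --
   Checking for user's domain (ad.dcsc.gov) in set of configured domains.
   Found user domain ad.dcsc.gov in configured domains.
      Found user SID: S-1-5-21-35479550-337188864-1291082073-14532
   AD user Panwalkar, Milind (PanwalkarM) is a member of 1 OnBase groups
      MANAGER (1)
   No existing OnBase user with username of 'PanwalkarM'
-- End User Evaluation --
"""

# Hypothetical field names mapped to the log lines they are read from.
PATTERNS = {
    "domain": r"Checking for user's domain \((.+?)\)",
    "configured_domain": r"Found user domain (\S+) in configured domains",
    "sid": r"Found user SID: (S-[\d-]+)",
    "missing_onbase_user": r"No existing OnBase user with username of '(.+?)'",
}
GROUP_COUNT = re.compile(r"is a member of (\d+) OnBase groups")
GROUP_LINE = re.compile(r"(.+) \((\d+)\)")

def parse_evaluation(text):
    # Fields stay None when their line never appears in the log.
    result = {**dict.fromkeys(PATTERNS), "groups": []}
    pending = 0  # group lines still expected after the membership line
    for raw in text.splitlines():
        line = raw.strip()
        if pending and (m := GROUP_LINE.fullmatch(line)):
            result["groups"].append(m.group(1))
            pending -= 1
        elif m := GROUP_COUNT.search(line):
            pending = int(m.group(1))
        for key, pattern in PATTERNS.items():
            if m := re.search(pattern, line):
                result[key] = m.group(1)
    return result

def findings(r):
    # Each check pairs a failure condition with the message reported for it.
    checks = [
        (r["configured_domain"] is None or r["configured_domain"] != r["domain"],
         "user domain was not found among the configured domains"),
        (not r["sid"], "no SID was resolved for the AD user"),
        (not r["groups"], "AD user maps to no OnBase group"),
        (bool(r["missing_onbase_user"]),
         f"no OnBase user matched by username {r['missing_onbase_user']!r}"),
    ]
    return [message for failed, message in checks if failed]
```

For the log in the question, `findings(parse_evaluation(SAMPLE))` reports only the username lookup: the domain, SID and group mapping all resolve.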