04-23-2013 07:42 AM
I am trying to configure Onbase for Auto login with AD authentication. I have performed the following steps.
1. mapped and AD group to an onbase group.
2. Set Suto login to true in web config file
3. Set AllowNTAuthenticationOnForwarding to true in config file.
4. Launch the client with -AL switch.
I get the follwoing error message (Error 3839) The current user does not belong to the designated domain.
When I evaluate onbase group membership for my user account I get the following.
-- Begin User Evaluation --
Checking for user's domain (ad.dcsc.gov) in set of configured domains.
Found user domain ad.dcsc.gov in configured domains.
Using current security context to resolve AD user object.
Resolving AD user
Domain NETBIOS name 'ad'
Domain distinguishedName 'DC=ad,DC=dcsc,DC=gov'
Domain canonical name: ad.dcsc.gov
Resolved AD object for user domain 'ad.dcsc.gov'
Resolving AD object for user 'PanwalkarM'
Issuing search: (&(objectClass=user)(objectCategory=person)(sAMAccountName=PanwalkarM))
Search returned successfully
Found user SID: S-1-5-21-35479550-337188864-1291082073-14532
Attempting serverless bind to 'LDAP://<SID=S-1-5-21-35479550-337188864-1291082073-14532>'
User distinguishedName 'CN=Panwalkar\, Milind,OU=WSUS Clients - Workstations,DC=ad,DC=dcsc,DC=gov'
User's domain: ad.dcsc.gov
Re-binding user object with 'LDAP://CN=Panwalkar\, Milind,OU=WSUS Clients - Workstations,DC=ad,DC=dcsc,DC=gov'
Successful bind to AD user object.
Loading all AD-to-OnBase group mapping objects.
Found user security principal. Comparing SIDs.
Found user's SID
AD user Panwalkar, Milind (PanwalkarM) is a member of 1 OnBase groups
MANAGER (1)
No existing OnBase user with username of 'PanwalkarM'
-- End User Evaluation --
Am I missing anything? I have verified that the username "PanwalkarM" is present in onbase and belongs to the manager group.
04-23-2013 08:30 AM
Hi Milind,
Thanks for the post and for providing the logs!
Looking at the logs it appears that OnBase found the SID of the user that you are currently logged in with in the OnBase database and show allow for the user to log. What you might want to try is deleting the OnBase user from OnBase Config, log back in and try it to see if it would recreate the user.
Let us know if that works. If it doesn't, I'm going to recommend working with your first line of support to further investigate the issue.
Take care.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.