This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disconnect from Active Directory

Go to answer
Juanita_Garrett
Champ on-the-rise
Champ on-the-rise

‎11-06-2020 12:31 PM

We are using OnBase 16 with Active Directory - Basic with 3 child domains.  Authentication Settings enabled for each OnBase group. 

 

In Production, we  received another call from a Dept where OnBase groups were automatically removed from a User Account.  We are very concerned why and how OnBase groups can be deleted. Can anyone provide me more information or maybe have experienced such a thing.

 

It seems in the Load Balance Tab of the Workflow users have been removed as well.

Also, a few times when accessing Unity Client, the message would say account locked; however, checked Active Dir and OnBase and account was not locked.

Labels:
0 Kudos
1 ACCEPTED ANSWER

Go to answer
Ryan_Wakefield
World-Class Innovator
World-Class Innovator

‎11-06-2020 01:00 PM

Hello Juanita,

 

So it looks like there are a couple of items that you have going on right now. Let me see what I can do about answering them for you.

 

  1. You mentioned about user groups being automatically removed from a user's account. Since you are using AD-Basic, this is more than likely happening because of a setting on one or more of the User Groups setup in the system. I would look at the user groups in question and go to Configuration Client --> Users --> User Groups / Rights --> {select one of the user groups in question} --> Click on the Authentication Settings button --> See if the check box is checked for "Remove users from this group if no matching domain group found". If this is checked, then this would be why since more than likely the user was removed from that security group on their AD account.
  2. You mention about the Unity Client saying the user is locked. While yes, this does typically mean in AD, OnBase also has it's own lockout system and if they aren't locked out in AD, then there are 2 ways to approach this:
    1. Option 1: Configuration Client --> Users --> User Names / Rights --> {find the user in question} --> Locate the button on the right and it should says either Unlock or Lock. If it says Unlock, then the user was locked inside of OnBase. If it says lock, there could be another reason for their account being locked out.
    2. Option 2: Thick Client --> Admin --> Utilities --> Unlock Users. Locate the user here and unlock. If they aren't there, then there could be another reason for their account being locked out.

 

Hopefully these help you out. 🙂

View answer in original post

0 Kudos
2 REPLIES 2

Go to answer
Ryan_Wakefield
World-Class Innovator
World-Class Innovator

‎11-06-2020 01:00 PM

Hello Juanita,

 

So it looks like there are a couple of items that you have going on right now. Let me see what I can do about answering them for you.

 

  1. You mentioned about user groups being automatically removed from a user's account. Since you are using AD-Basic, this is more than likely happening because of a setting on one or more of the User Groups setup in the system. I would look at the user groups in question and go to Configuration Client --> Users --> User Groups / Rights --> {select one of the user groups in question} --> Click on the Authentication Settings button --> See if the check box is checked for "Remove users from this group if no matching domain group found". If this is checked, then this would be why since more than likely the user was removed from that security group on their AD account.
  2. You mention about the Unity Client saying the user is locked. While yes, this does typically mean in AD, OnBase also has it's own lockout system and if they aren't locked out in AD, then there are 2 ways to approach this:
    1. Option 1: Configuration Client --> Users --> User Names / Rights --> {find the user in question} --> Locate the button on the right and it should says either Unlock or Lock. If it says Unlock, then the user was locked inside of OnBase. If it says lock, there could be another reason for their account being locked out.
    2. Option 2: Thick Client --> Admin --> Utilities --> Unlock Users. Locate the user here and unlock. If they aren't there, then there could be another reason for their account being locked out.

 

Hopefully these help you out. 🙂

0 Kudos

Go to answer
AdamShaneHyland
Employee
Employee

‎12-03-2020 06:43 AM

Hi Juanita.

 

While not directly related, since you mentioned the Active Directory - Basic authentication method, you should be aware that this feature has been deprecated in later versions of OnBase.  Here is a link to a Blog post detailing this information.

 

https://community.hyland.com/blog/posts/50685-sun-setting-the-active-directory--basic-authentication...

 

Best wishes.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC