This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Single Sign on issue-

Joe_Henning
Champ on-the-rise
Champ on-the-rise

‎09-12-2012 04:54 PM

Hello, we have a small (less than 10) user environment we configured with NT security for autologin, and all of the users except 1 are able to successfully get in to OBA and OB clients. This user is a valid domain user and assigned to the OU as referenced in OnBase.

The switches we used on the command line for the shortcut are -AL -ODBC etc.

 As I said, exactly the same as everyone else.

Each time this user attempts to autologin we get the standard failure statements (no user group assigned, and failed auto login).

I've had the network guys yank her from the group and re-add. I had them create another OU and add her there, still no dice.

I finally had to give up and go to OnBase Authentication for her user and call her a named license, but that is clunky and I kind of feel bad for her needing to log in manually each time.

Any ideas are greatly appreciated-

Thanks

Labels:
0 Kudos
3 REPLIES 3

AdamShaneHyland
Employee
Employee

‎09-13-2012 05:51 AM

Hi Joseph.

Thanks for the post.

You mention that you have the OU referenced in OnBase.  OnBase does not work with OU mapping.  It relied on AD User Group mapping.  This means that the user must belong to a User Group that is mapped in OnBase, not an AD Organizational Unit. 

One thing that you can easily try is to make sure that the User Group Discovery method is configured for Nested Groups instead of First-Level.  The Nested Group method uses a newer functionality in order to find user groups within AD. 

Thanks.

0 Kudos

Joe_Henning
Champ on-the-rise
Champ on-the-rise

‎09-13-2012 01:13 PM

Hi Adam, thank you for the response. I may have mis-spoken my term as far as OU.

I meant it is an Active Directory group called OB-Users. 

The users are assigned to that group which is not nested.

My apologies on that. Do you think that changing the 'nested' option is still a viable suggestion?

0 Kudos

AdamShaneHyland
Employee
Employee

‎09-13-2012 01:39 PM

Hi Joseph.

Thanks for the clarification.  Neither methods (First-Level and Nested Groups) use OU's for user discovery.  Changing the discovery method to Nested Groups is definately something that should be considered.  While it might make a difference it might not. 

To troubleshoot you are going to want review verbose of the user attempting to login (ie adding -V to the command line switch).  The verbose log of the OnBase Client when display all messages during the authentication process.  It will list the discovery of the user groups along with any errors that it runs into while attempting to login the user in.  If you are not familar with reviewing the verbose log, it might be worth engaging your first line of support.

Take care.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC