1 Reply Latest reply on Nov 24, 2014 5:02 PM by ddd671

    Using nested groups for Active Directory authentication?

    mrl

      Is it possible to login to ESM using a user in a nested Active Directory group?

       

      For example:

       

      • Nitro Users (top level AD group - this is also a group within ESM)

                -> Level 2 Users (nested AD group within Nitro Users - NOT a group within ESM)

                     johndoe (user in "Level 2 Users" nested AD group)

                     janedoe

       

      I've attempted the above approach and it doesn't seem to work. If I add "Nitro Users" as an AD group within ESM, johndoe cannot login. However, if I add johndoe directly to the Nitro Users top level group, he CAN login.

       

      This probably sounds overly complex, but we are actually doing this for simplicity of management because in our environment we have a rather complex permissions structure and a lot of Active Directory groups to manage. I just want to know if ESM can support this functionality or if I have to put users directly in the top level group in order for AD auth to work.

       

      Thanks in advance.