Access to Restricted Agents by Active Directory Groups
Access to Restricted Agents by Active Directory Groups
Active Directory supports multiple types of groups. When configured to use Active Directory as an identity source, AM supports only Universal groups.
When you select an Active Directory group for access on a restricted agent, make sure that you select a Universal group. If you use any other type of Active Directory group, the user may not be able to authenticate. When you view the Active Directory groups from the Security Console, the Security Console displays all groups, regardless of type.
The Security Console cannot display a user’s primary Active Directory user group, such as Domain Users. The group appears empty even though it has members.
Related Articles
Problem with SSL Server certificate installed on Netegrity Affiliate Minder Agent Number of Views Safely backout of a failed configuration push in RSA Web Threat Detection Number of Views Time Zone Legacy Reports Work Around Number of Views Cloud Access Service - Users and Authenticators Number of Views RSA Certificate Manager's GUI Reporting Tool displays a different user-count value than the Event Viewer (or Syslog) Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
