Authentication Manager Active Directory Permissions
I'm a domain administrator setting up SecurID RSA hardware tokens on my domain. AM 8.6 has been deployed, Active Directory Identity Sources have been added successfully, Authentication Agent 7.4.5 is in use, tokens are assigned, etc.
My problem is this:
In testing the setup, I have some user accounts that work, and some that don't. These accounts are from the same identity source, in the same OU in AD so no GPO difference, same security groups, same effective access from what I could see for the service account the AM server uses, and also logging onto the same system. Yet AM cannot resolve some of the user names.
The error I get in the authentication monitor is this:
Unable to resolve user by login ID and/or alias, or authenticator not assigned to user
I've tried username and username@domain with the same result. I've verified the authenticator is assigned properly.
Has anybody else had this issue? Any ideas as to what might be causing this?
- Active Directory
- active directory identity source
- authentication agent 7.4.5
- authentication manager 8.6
- authenticator not assigned to user
- external identity source
- unable to resolve user by login id and or alias
Have you looked at Error Unable to resolve user by login ID and/or alias, or authenticator not assigned to user when attempting to authenticate with the SecurID Authenticate application via an RSA Authentication Agent? If that does not resolve your issue, please contact support to work with a support engineer on this.
Thanks for the response. I have checked that out and I do have authenticators assigned to the users so that article, unfortunately, does not apply. I'm trying to get support help but they responded once last week then disappeared.