Search the VMware Knowledge Base (KB)
View by Article ID

Unable to log in to Log Insight as a member of an AD group defined in Log Insight (2148045)

  • 0 Ratings

Symptoms

When Active Directory Integration is configured on vRealize Log Insight and access to vRealize Log Insight for an AD group with capital letters in the group name is granted, you experience these symptoms:
  • Log in to vRealize Log Insight UI with a user member of the AD Group fails.
  • In the /storage/var/loginsight/ui_runtime.log file, you see entries similar to:

    [2016-08-29 17:53:32.365+0000] ["http-nio-443-exec-1"/10.200.202.96 WARN] [com.vmware.loginsight.web.actions.misc.LoginActionBean] [User login failure: Bad username/password attempt (username: xxxxxxx)]
    com.vmware.loginsight.aaa.AuthenticationFailedException: The user does not belong to any permitted groups


  • Login works fine if the permission granted to the AD user account directly instead of using AD group.

Cause

This issue occurs because vRealize Log Insight 3.6 is case sensitive in handling AD group names, which results in login failure if the group name contains capital letters.

Resolution

This is a known issue affecting vRealize Log Insight 3.6.

This issue is resolved in vRealize Log Insight 4.0, available at VMware Downloads.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: