- marked as critical
Active Directory login may fail if user belongs to many groups (SI)
Issue #300
resolved
SPs in Identities check up to 10 groups the user belongs to . If these are found in AspNetUsers, the user has the permission assigned to that group. In SI, some users have e.g. 17 groups - and the groups that matter (SIEMISAdmin, SIEMISUser) do not come up in the first 10 listed, so the login fails.
Changes required to SPs in Identities made in SI - need deployment
Comments (3)
-
-
reporter Relies on pushing the latest stored procs from IdentitiesP to production. These cater for users potentially being members of up to 20 groups.
-
reporter - changed status to resolved
Ensure that the new stored procs are deployed in IdentieisP
- Log in to comment
Also possibly related from Weison:
And need to confirm this change has been done in RMI/FSM.