/build/static/layout/Breadcrumb_cap_w.png

IP Address change of LDAP/DNS server has caused Service Desk Staff accounts to get "Access Denied" upon log in

We recently upgraded form 2003 AD to 2012, in the process the domain controller IP address changed. AFter updating the IP address of the LDAP/DNS server in Dell Kace 1000, our Service Desk Staff can no longer log in, they receive the message "Access Denied: You do not have access to any of the tabs". We have verified the LDAP import does work and service desk accounts are part of the Service Desk Staff Role. Nothing has changed other than the IP address of LDAP and if LDAP is still functionning, why can't our users log in? We've exhausted all knowledgebase articles and started a Dell Kace Support ticket but we have been down for 4 business days now, and support is not responding and don't think this issue is urgent! Can anyone assist?


4 Comments   [ + ] Show comments
  • In Settings -> Control Panel -> User Authentication do you have more than one server configured? Are you using the DNS name of the LDAP/AD host or the IP address? - MacDude 9 years ago
  • There is only one server configured (the default examples "Admin Server" and "Read Only Admin Server" are listed below it) and we are using the DNS name not the IP - leblancd 9 years ago
  • Seems to be role based. I would try the following.

    1. Change the LDAP to IP address in the configuration for User Authentication
    2. Test with an account by changing KBOX_USER to an actual AD account and test the password and see the results.
    3. Log in as admin and delete the configuration for LDAP and create a new one. - nshah 9 years ago
    • Thanks for the reply. 1. we were using the IP not the LDAP server name, but I reversed it anyway, did not change anything. 2. Test works fine, always has, with username or with KBOX_User, tests always come back good. 3. Good suggestion, didn't think of that, but creating a new one had no impact. :( - leblancd 9 years ago
  • Made some progress. I realized today that what is actually happening is when I run the Import Users, it is creating a 2nd user account. Only Service Desk Staff log in (not users), so every person in that role is getting a 2nd account created with the same name but "User" status, so if I change the "User" Status to "Service Desk Staff", then that account can login but has no tickets as the tickets are all associated with the original user. Any ideas? - leblancd 9 years ago

Answers (0)

Be the first to answer this question

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ