We recently upgraded form 2003 AD to 2012, in the process the domain controller IP address changed. AFter updating the IP address of the LDAP/DNS server in Dell Kace 1000, our Service Desk Staff can no longer log in, they receive the message "Access Denied: You do not have access to any of the tabs". We have verified the LDAP import does work and service desk accounts are part of the Service Desk Staff Role. Nothing has changed other than the IP address of LDAP and if LDAP is still functionning, why can't our users log in? We've exhausted all knowledgebase articles and started a Dell Kace Support ticket but we have been down for 4 business days now, and support is not responding and don't think this issue is urgent! Can anyone assist?

4 Comments   [ + ] Show Comments

Comments

  • In Settings -> Control Panel -> User Authentication do you have more than one server configured? Are you using the DNS name of the LDAP/AD host or the IP address?
  • There is only one server configured (the default examples "Admin Server" and "Read Only Admin Server" are listed below it) and we are using the DNS name not the IP
  • Seems to be role based. I would try the following.

    1. Change the LDAP to IP address in the configuration for User Authentication
    2. Test with an account by changing KBOX_USER to an actual AD account and test the password and see the results.
    3. Log in as admin and delete the configuration for LDAP and create a new one.
    • Thanks for the reply. 1. we were using the IP not the LDAP server name, but I reversed it anyway, did not change anything. 2. Test works fine, always has, with username or with KBOX_User, tests always come back good. 3. Good suggestion, didn't think of that, but creating a new one had no impact. :(
  • Made some progress. I realized today that what is actually happening is when I run the Import Users, it is creating a 2nd user account. Only Service Desk Staff log in (not users), so every person in that role is getting a 2nd account created with the same name but "User" status, so if I change the "User" Status to "Service Desk Staff", then that account can login but has no tickets as the tickets are all associated with the original user. Any ideas?
Please log in to comment

There are no answers at this time

Answers

Answer this question or Comment on this question for clarity