Active Directory groups not enumerating - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » Active Directory groups not enumerating

Page 1 of 1

1

Topic Options

#208837 - 2014-05-06 05:43 PM Active Directory groups not enumerating
CAlden CAlden Fresh Scripter Registered: 2007-02-16 Posts: 5 Loc: Wichita, KS	Hello everyone! I'm having a very strange issue, and I'm hoping that somebody could help me troubleshoot. I recently transferred to a new site within my organization, and was told that none of the users at this site are receiving the settings they should receive from their logon script. After a run through debug, I realized that the if statements we're using to test if the users are in a group are always returning false. I wrote a quick script to use EnumGroup() to list my entire group membership, and realized it was showing all the groups I'm a member of except for the ones in this particular site's OU. Is there a reason Kixtart just wouldn't see an OU? Where should I start looking for the root cause?
Top

#208838 - 2014-05-06 05:47 PM Re: Active Directory groups not enumerating [Re: CAlden]
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4562 Loc: USA	As a simple, first thing to try, flush the token cache: kix32 /f
Top

#208839 - 2014-05-06 05:55 PM Re: Active Directory groups not enumerating [Re: Allen]
CAlden CAlden Fresh Scripter Registered: 2007-02-16 Posts: 5 Loc: Wichita, KS	I've tried that, doesn't seem to help.
Top

#208840 - 2014-05-06 06:05 PM Re: Active Directory groups not enumerating [Re: CAlden]
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	kixtart does not "know" about the OU's. the only thing that comes to my mind is that whoever did the groups in that OU, set them up as local security groups or distribution groups. you can test this by just creating a new global security group and see if kixtart sees it. _________________________ ! download KiXnet
Top

#208841 - 2014-05-06 06:23 PM Re: Active Directory groups not enumerating [Re: Lonkero]
CAlden CAlden Fresh Scripter Registered: 2007-02-16 Posts: 5 Loc: Wichita, KS	Thanks for the tip. I checked the group type, and it looks like the groups for this site were set up as universal groups, not global groups (which the groups at my previous site were). However, I set up a global group as a test in this site's OU, and that one is not showing up either. Any other ideas?
Top

#208842 - 2014-05-06 06:24 PM Re: Active Directory groups not enumerating [Re: CAlden]
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4562 Loc: USA	Did you logout, and back in, before testing?
Top

#208843 - 2014-05-06 06:30 PM Re: Active Directory groups not enumerating [Re: Allen]
CAlden CAlden Fresh Scripter Registered: 2007-02-16 Posts: 5 Loc: Wichita, KS	Indeed I did. Actually, I'm getting an error when I try to see the test group's memberships. I think there may be an issue with AD replication at the moment, which would preclude me troubleshooting this. I'll have to get back to this issue, I suppose. Edited by CAlden (2014-05-06 06:31 PM)
Top

#208844 - 2014-05-06 07:58 PM Re: Active Directory groups not enumerating [Re: CAlden]
CAlden CAlden Fresh Scripter Registered: 2007-02-16 Posts: 5 Loc: Wichita, KS	OK, the replication issue is now resolved, but I'm still having the issue with Kix failing to enumerate the groups, including the new test group that is set up as global. Anything else I can try?
Top

#208845 - 2014-05-06 08:08 PM Re: Active Directory groups not enumerating [Re: CAlden]
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4562 Loc: USA	Not sure this will provide any relevant information, but the following UDF should get the groups the user is in, using the ldap provider. GetADUserGroups - http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=198609#Post198609 How to use UDFs - http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=81943#Post81943 The rest of the UDFs are here - http://www.kixtart.org/forums/ubbthreads.php?ubb=postlist&Board=7&page=1
Top

#208846 - 2014-05-06 08:12 PM Re: Active Directory groups not enumerating [Re: Allen]
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4562 Loc: USA	What version of kixtart are you using? Have you tried a different/newer version?
Top

#208848 - 2014-05-06 10:42 PM Re: Active Directory groups not enumerating [Re: Allen]
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	after you added this user account to that test group, did you also flush the cache with the /f? and if still you did not see the groups in enumerated list, could you check if there is anything logged in the eventlog? _________________________ ! download KiXnet
Top

Page 1 of 1

1

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Who's Online

0 registered and 657 anonymous users online.

Newest Members

M_Moore, BeeEm, min_seow, Audio, Hoschi
17883 Registered Users

Generated in 0.103 seconds in which 0.062 seconds were spent on a total of 13 queries. Zlib compression enabled.

click tracking