In the nolio_dm_all.log files, this message presents: "Error while trying to fetch users authorities from Active Directory using tokenGroups".
CA Release Automation 6.x
The message may present if the end users are trying to login and are experiencing an HTTP 500 error or with LDAP integration not working correctly. This is often due to a missing domain suffix (ie: user1 vs email@example.com).
The users' LDAP entry for "UserPrincipalName" may be missing the domain suffix (ie firstname.lastname@example.org vs user1) or in the distributed.properties file that is used to configure the LDAP integration, the AD login user is missing a domain suffix.
Another potential cause for the error is documented here: