hub LDAP integration, user not found
When searching through the hub logs, it appears that the ID is located, lists the groups that the account is a member of, but fails afterwards. The account name is "abcd." The ID is a member of a group that we use for access and ACL setup. The groups are flat, and other ID's that are a member of it can login fine. It is also located in a sub OU of where we have the ldap search configured in the hub settings.
Workstation logon controls.
In this case there was a userWorkstations attribute set in AD to only allow that ID to login to a few specific workstations.screen.
Since the authentication is being passed through the Primary Hub, that was reason it was getting blocked.
Short term workaround:
- Create a local user with a matching LAN password.