Common Data Centre Security & UMC - Ad login failure
Hi,
In this article, I will cover how to troubleshoot a very common error that occurs when enabling Active Directory within DCS. It's not always obvious from the UMC logs that this is the issues you're encountering.
In this case, the issue is a missing or mismatched UserPrincipalName against the user's AD records. Without this value DCS integration with AD will not work and the user will not be able to login.
One of the main concerns with this issue is that, once you enable AD integration in UMC, the dcsadmin account is disabled. Thus you may have potentially lost access to your DCS estate - which is a major concern, especially when Active agents are on the ground.
This article takes it from the point where you have enabled AD login, created a number of AD users within the DCS UMC console, but you cannot log in to the UMC console.
Missing or mismatched User Principal Name
Under ..\umc\logs\umc.logs you may see errors such as "looking for UPN" or "retrieving token for userA" but you're still not able to log in.
Thanks,
Kev