
AD Configuration

Symptom: After changing the AD, the administrators cannot log in to Key Manager

Key Manager searches the Active Directory set in Settings→General→Authentication for groups. The Administrator role has the group mapped to it in Accounts→Roles as explained in the PrivX Key Manager Installation Manual.

You must make sure the new AD has a group set for Administrator use with the same group name as the old one. All users who are intended to have Key Manager access must be found in this group.

Alternatively, you can log in to Key Manager with the superuser account and change the role mapping on the Accounts→Roles page to map a new AD group to the Administrator role.

If you want to add back a previously removed AD, you must manually remap the roles to AD groups as explained in the PrivX Key Manager Installation Manual, and also restore the application owner mapping ldap_domain field from the command line, as in the following example:

# ssh-mgr-client modify-application-owner-mapping -i l ldap_domain=EXAMPLE_AD

For more information about troubleshooting AD configurations, see the PrivX Key Manager Installation Manual appropriate for your Key Manager Server platform.