Description
After importing an LDAP group to the Vital Security Appliance NG and assigning a security policy to it, the users under this group are not being assigned to this security policy.
Symptoms
In the example below, the “Users” group is a primary group in the LDAP server and “Support_Finjan” group is a secondary group. The user Earkush is assigned to both groups.
Cause
Most LDAP problems occur when the administrator tries to assign the security policy to the primary group of users. The default primary group is Domain Users but it can be changed. Microsoft Active Directory doesn’t display primary group information in LDAP queries so it can’t be used for assigning security policy.
- This article applies to:
- NG 1000
- NG 5000
- NG 8000
- This article was previously published as:
- Finjan KB 1165