Hi,
Client have configured GlobalSubmit software to use Domain authentication and setup some permissions using 3 domain groups (application-Admins, application-Publishers and application-Reviewers).
The Active Directory address is configured as LDAP://dc=child,dc=contoso,dc=com
When we are using the system, we are having the following 2 problems and they are not consistent:
1.Sometimes an error is displayed with the message “Error resolving active directory user”.
2.Sometimes the Permissions within the system are not applied correctly based on the permissions defined for the 3 domain groups within GlobalSubmit. It seems as if the user is not being identified as a member of any of
the domain groups referenced above.
In working with the vendor for GlobalSubmit, we implemented the Active Directory tospecific domain controller instead of child.contoso.com. While doing this we did testing with the following domain controllers and saw the issues with some of the domain controllers:
DC21 - No Issues were identified
DC22 - No Issues were identified
DC20 - Permissions were not applied based on the permissions assigned to the domain groups
DC23 - Permissions were not applied based on the permissions assigned to the domain groups
DC24 - Permissions were not applied based on the permissions assigned to the domain groups
As the issue seems to be with the Domain Controllers, the vendor is not able to provide further support to identify the cause.
=======
Above is client query regarding domain controllers.
My troubleshooting steps are below:
Run dcdiag /e /v>dcdiag.txt ==> Output don't provide any issue
Checked the application server and its pointing to correct DCs at its site & subnet.
==========
I am suspecting the Global Submit application coding algorithm But before taking call with Vendor, I want to make sure from Domain controllers part.
any help would be appreciated..