cancel
Showing results for 
Search instead for 
Did you mean: 

BOXI 3.1 - user member of different groups between nodes in same cluster

Former Member
0 Kudos

Hi,

The past few days we noticed something weird, our BOE 3.1 SP 2.5 uses SSO via Kerberos and synchs with our AD setup. Now we see that sometimes the changes on group membership on AD are synched on our BOE environment, but the change is only visible on one node of the cluster. And depending on which node the end user ends up at logon, he can or can not access certain items because of this discrepancy on the nodes.

Has anyone else encountered this problem and managed to solve this.

Thank you for the help

Guy

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

I think I had something similar happening.

If a user was changing groups, the changes were only happening in BO after I rebooted the servers.

I think it's a bug in 3.1 with AD authentication.

In the autentication tab, in the CMC, check "Create new aliases only when the user logs on".

Also if this doesn't fix the issue, check if your Schedule AD Group Graph Updates are set up on both servers.

0 Kudos

Hi,

logon to the Node where it is not synched on the CMC. Synch. it manual and check if it works.

Could be a communication/synch. error between the Nodes.

Regards

-Seb.

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi,

The "Create new aliases only when the user logs on" was already checked, and the AD group graph updates were set on both nodes.

If we encounter the problem again we'll try the synch on the node that's missing the updated information.

Regards

Guy