Skip to Content
author's profile photo
Former Member

BOXI 3.1 - user member of different groups between nodes in same cluster

Hi,

The past few days we noticed something weird, our BOE 3.1 SP 2.5 uses SSO via Kerberos and synchs with our AD setup. Now we see that sometimes the changes on group membership on AD are synched on our BOE environment, but the change is only visible on one node of the cluster. And depending on which node the end user ends up at logon, he can or can not access certain items because of this discrepancy on the nodes.

Has anyone else encountered this problem and managed to solve this.

Thank you for the help

Guy

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • Best Answer
    author's profile photo
    Former Member
    Posted on Apr 30, 2011 at 07:10 AM

    I think I had something similar happening.

    If a user was changing groups, the changes were only happening in BO after I rebooted the servers.

    I think it's a bug in 3.1 with AD authentication.

    In the autentication tab, in the CMC, check "Create new aliases only when the user logs on".

    Also if this doesn't fix the issue, check if your Schedule AD Group Graph Updates are set up on both servers.

    Add comment
    10|10000 characters needed characters exceeded

  • author's profile photo
    Former Member
    Posted on May 03, 2011 at 01:42 PM

    Hi,

    The "Create new aliases only when the user logs on" was already checked, and the AD group graph updates were set on both nodes.

    If we encounter the problem again we'll try the synch on the node that's missing the updated information.

    Regards

    Guy

    Add comment
    10|10000 characters needed characters exceeded