User cannot login using DOMAIN\USERNAME if he is part of a Domain Local usergroup. How to solve it?
Problem
User cannot login using DOMAIN\USERNAME if he is part of a Domain Local usergroup.
Cause
AD limitation
Workaround
Use the USERNAME@DOMAIN
Solution
Promote group to Universal or Global.
Replicating
-
Create an AD Group of the type Security > Domain Local
-
Add one user to the Group
-
Import the Group into Orchestrator
-
Try to login using DOMAIN\USERNAME
-
Fail!
-
Try to login using USERNAME@DOMAIN
-
Success!