Print this page

When going through Identity Connect setup process no groups show in Groups Authorized to Administer Identity Connect

Knowledge Article Number 000188070
Description This article goes over a issue one may encounter during the initial setup of Identity Connect. For further clarification on any of the information below please refer to the Identity Connect Implementation Guide (identity_connect_impl_guide.pdf).
 

 
Resolution During the Identity Connect setup process the first thing that needs to be completed is setting up the Data Source for the Active Directory connection.
 
User-added image
 
Once all the required values for the Data Source screen are filled in the next step is to select the Validate Settings button. Doing so will verify the connection information entered is correctly and is valid. After this has been verified to be ok a screen will come Groups Authorized to Administer Identity Connect .

It is here where the Active Directory groups which Active Directory users must me a member of in order to be able to login to the Identity Connect Administrator are specified.  On this screen when clicking the User-added image button to show all Active Directory groups nothing shows.
 

User-added image
 
One of the reasons this may occur is because a Base DN which points to the Active Directory groups you will be using was not added as a base context on the Identity Connect Data Source screen (see first screen shot).
 
The solution is to add another base context which points to the Active Directory path where the groups users are members of are located. In the example given in this article here is a screen shot of the Active Directory tree showing where the Active Directory groups being used are located.
 
User-added image
 
In this case we want to add the following new base context to the in the setup of the Data Source.
 
OU=Groups,DC=testsync,DC=Salesforce,DC=com
 
five.jpg
User-added image
 
After making this change select the Validate Settings button again. Again, this will verify the connection information entered is correct.  This time, the screen which comes up to specify the Active Directory groups Active Directory users must me a member of in order to be able to login to the Identity Connect Administrator, should show all groups when clicking on the User-added image  show all Active Directory groups button.
 

User-added image
 
 
 
 
 




promote demote