When going through Identity Connect setup process no groups show in Groups Authorized to Administer Identity Connect
|Knowledge Article Number||000188070|
|Description||This article goes over a issue one may encounter during the initial setup of Identity Connect. For further clarification on any of the information below please refer to the Identity Connect Implementation Guide (identity_connect_impl_guide.pdf).
|Resolution||During the Identity Connect setup process the first thing that needs to be completed is setting up the Data Source for the Active Directory connection.
Once all the required values for the Data Source screen are filled in the next step is to select the Validate Settings button. Doing so will verify the connection information entered is correctly and is valid. After this has been verified to be ok a screen will come Groups Authorized to Administer Identity Connect .
It is here where the Active Directory groups which Active Directory users must me a member of in order to be able to login to the Identity Connect Administrator are specified. On this screen when clicking the button to show all Active Directory groups nothing shows.
One of the reasons this may occur is because a Base DN which points to the Active Directory groups you will be using was not added as a base context on the Identity Connect Data Source screen (see first screen shot).
The solution is to add another base context which points to the Active Directory path where the groups users are members of are located. In the example given in this article here is a screen shot of the Active Directory tree showing where the Active Directory groups being used are located.
In this case we want to add the following new base context to the in the setup of the Data Source.
After making this change select the Validate Settings button again. Again, this will verify the connection information entered is correct. This time, the screen which comes up to specify the Active Directory groups Active Directory users must me a member of in order to be able to login to the Identity Connect Administrator, should show all groups when clicking on the show all Active Directory groups button.