When a user account is added to the Protected Users Group, the Active Roles Console fails to authenticate the user with the message: The user name or password is incorrect.
Members of the Protected Users group must be able to authenticate by using Kerberos with Advanced Encryption Standards (AES).
Please review the following Microsoft resources for more details on the usage of the Protected Users group:
1.- Refer to the Administration Guide for details on how to configure the Administration Service to support Kerberos authentication:
2.- Enable Kerberos authentication.
3.- Connect to the Active Roles service by using the Active Roles Service FQDN as this will not work if ‘localhost’ is used:
Note: The ARS Admin has to be a local administrator:
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center