Skip to main content
Solved

Users going to disabled status AD

  • November 22, 2022
  • 3 replies
  • 206 views
ketiller
Jr Varsity III
Forum|alt.badge.img

Hello,

We currently have an Active directory linked to our Acumatica user base, we have noticed over the past year users have entered the status “Disabled”, do you know what would cause this, is Active Director pushing something to Acumatica that would be causing this?

Thank you

Best answer by eudescoelho29

Hi Ketiller,

If I understood correctly, your instance shows several domain users with status disabled. 
My suspicion is the absence of rules mapped to the group those users are members of in AD.

A bug was detected a while ago in Acumatica by which a user would try to sign on to Acumatica though AD. At this point , if the instance did not find any role mapped to the group the user is a member of, the instance would deny the sign in but a domain user profile would be created anyway. 

I am not sure if that was corrected in more recent versions. In any case, do check those disabled profiles to confirm whether or not those users belong to an AD group that is mapped to a user role in Acumatica.

View original
Did this topic help you find an answer to your question?

3 replies

E
Semi-Pro II
Forum|alt.badge.img+1

HI Ketiller,

 

I have 4 customers using SSO with Azure Active Directory for a while by now and none have reported those symptoms. 

Having said that, I assume you Acumatica instance is setup with SSO with AD. This means that your Acumatica instance may have native users and domain users. Which ones are with disabled status ? Native users or domain users? 

Cheers

EC
Chris Hackett
1 person likes this
  • Chris Hackett
    Chris Hackett
ketiller
Jr Varsity III
Forum|alt.badge.img
  • ketiller
  • Author
  • Jr Varsity III
  • 37 replies
  • November 28, 2022

@eudescoelho29 Thank you for the reply, we have typically seen this from the domain users. Confirming that we do have Native and Domain users, with 98% of users being domain.

 

Thank you,

E
Semi-Pro II
Forum|alt.badge.img+1
  • eudescoelho29
  • Semi-Pro II
  • 61 replies
  • Answer
  • November 29, 2022

Hi Ketiller,

If I understood correctly, your instance shows several domain users with status disabled. 
My suspicion is the absence of rules mapped to the group those users are members of in AD.

A bug was detected a while ago in Acumatica by which a user would try to sign on to Acumatica though AD. At this point , if the instance did not find any role mapped to the group the user is a member of, the instance would deny the sign in but a domain user profile would be created anyway. 

I am not sure if that was corrected in more recent versions. In any case, do check those disabled profiles to confirm whether or not those users belong to an AD group that is mapped to a user role in Acumatica.

EC
Laura02
Chris Hackett
2 people like this
  • Laura02
    Laura02
  • Chris Hackett
    Chris Hackett

Reply


Most helpful members this week

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings
About Acumatica ERP system
Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.
© 2008 — 2024  Acumatica, Inc. All rights reserved