Skip to main content

Hello,

We currently have an Active directory linked to our Acumatica user base, we have noticed over the past year users have entered the status “Disabled”, do you know what would cause this, is Active Director pushing something to Acumatica that would be causing this?

Thank you

HI Ketiller,

 

I have 4 customers using SSO with Azure Active Directory for a while by now and none have reported those symptoms. 

Having said that, I assume you Acumatica instance is setup with SSO with AD. This means that your Acumatica instance may have native users and domain users. Which ones are with disabled status ? Native users or domain users? 

Cheers


@eudescoelho29 Thank you for the reply, we have typically seen this from the domain users. Confirming that we do have Native and Domain users, with 98% of users being domain.

 

Thank you,


Hi Ketiller,

If I understood correctly, your instance shows several domain users with status disabled. 
My suspicion is the absence of rules mapped to the group those users are members of in AD.

A bug was detected a while ago in Acumatica by which a user would try to sign on to Acumatica though AD. At this point , if the instance did not find any role mapped to the group the user is a member of, the instance would deny the sign in but a domain user profile would be created anyway. 

I am not sure if that was corrected in more recent versions. In any case, do check those disabled profiles to confirm whether or not those users belong to an AD group that is mapped to a user role in Acumatica.


Reply