Unable to log on to the ePO console (Active Directory user in 'Protected Users Security Group')
Last Modified: 2023-06-16 13:01:51 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Unable to log on to the ePO console (Active Directory user in 'Protected Users Security Group')
Technical Articles ID:
KB94344
Last Modified: 2023-06-16 13:01:51 Etc/GMT Environment
ePolicy Orchestrator (ePO) 5.x Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Problem
The Other accounts such as ePO-users (non-Active Directory authentication) are successful. Users see the error below when they try to log on to the ePO console (locally or remotely): NOTE: The credentials provided are correct and valid. The error below is recorded in the ERROR [http-nio-8443-exec-10] server.OrionLoginModule - Failed to login because auto-creation failed for user: 'domain\username' Cause
This issue is a limitation of the Windows Server Domain, with the For more information, see this Microsoft documentation. Solution
Remove the accounts needed to log on to the ePO Console from the Protected Users Security Group. NOTE: ePO doesn't support the Protected Users Security Group feature of Microsoft Security Advisory. To request support for this feature in a future release, submit a product idea. To submit a new product idea, go to the Enterprise Customer Product Ideas page.
Click Sign In and enter your ServicePortal User ID and password. If you do not yet have a ServicePortal or Community account, click Register to register for a new account on either website. For more information about product ideas, see KB60021 - How to submit a Product Idea. Workaround
As an alternative, you can use ePO Authentication instead of Windows Authentication.
Affected ProductsLanguages:This article is available in the following languages: |
|