Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Log & Event Manager (LEM) > Active Directory login fails when using existing group

Active Directory login fails when using existing group

Table of contents

Updated March 22, 2017


Active Directory (AD) users cannot log in to LEM when using one of the existing default groups in AD.


LEM version 6.3.1 and later


When logging to the LEM GUI-console with AD credentials, it is important that the user account in AD does not have "member of" Primary group is different than the group used for LEM administrators (for login).


See the article for configuring the LDAP connection for logging to the LEM console using AD credentials:

Set up Active Directory authentication in LEM


To configure LDAP configuration: access LEM through https://<hostname-of-lem:8443/mvc/login


The optional Admin Group (specified as one of the default AD groups) can specify the Active Directory group that would have admin login to the LEM GUI-console.

On a domain controller:

1. Open Active Directory Users & Computers.
2. Select the user to log in to the LEM console.
3. Right-click and select the "Member Of" tab.
Note the Primary Group, which should not be the same group of users that that are able to log in to the LEM GUI-console.

  • If it is the same, be sure to change it.
  • If for some reason you are unable to change the group membership, you would need to use another group or create a group of the users that will log into the LEM GUI-console.


Last modified
19:15, 21 Mar 2017