Submit a ticketCall us

AnnouncementsWeb Help Desk Integrations eCourse

Looking to reduce response times? Sign up for our eCourse to learn how integrating Web Help Desk with Dameware Remote Support, Network Configuration Manager, Network Performance Monitor, and Server & Application Monitor can improve communication efficiencies.

Register here.

Home > Success Center > Log & Event Manager (LEM) > Active Directory login fails when using existing group

Active Directory login fails when using existing group

Table of contents

Updated March 22, 2017


Active Directory (AD) users cannot log in to LEM when using one of the existing default groups in AD.


LEM version 6.3.1 and later


When logging to the LEM GUI-console with AD credentials, it is important that the user account in AD does not have "member of" Primary group is different than the group used for LEM administrators (for login).


See the article for configuring the LDAP connection for logging to the LEM console using AD credentials:

Set up Active Directory authentication in LEM


To configure LDAP configuration: access LEM through https://<hostname-of-lem:8443/mvc/login


The optional Admin Group (specified as one of the default AD groups) can specify the Active Directory group that would have admin login to the LEM GUI-console.

On a domain controller:

1. Open Active Directory Users & Computers.
2. Select the user to log in to the LEM console.
3. Right-click and select the "Member Of" tab.
Note the Primary Group, which should not be the same group of users that that are able to log in to the LEM GUI-console.

  • If it is the same, be sure to change it.
  • If for some reason you are unable to change the group membership, you would need to use another group or create a group of the users that will log into the LEM GUI-console.


Last modified