Submit a ticketCall us

WebinarFREE IT Monitoring Webcast

Don’t miss out on our webcast, Essential IT Monitoring with SolarWinds ipMonitor, where we will show you how to keep an eye on your IT environment from one centralized, affordable, and lightweight monitoring tool: SolarWinds® ipMonitor®.

Register now.

Home > Success Center > Log & Event Manager (LEM) > LEM - Knowledgebase Articles > Active Directory login fails when using existing group

Active Directory login fails when using existing group

Table of contents

Updated: October 5, 2018


Active Directory (AD) users cannot log in to LEM when using one of the existing default groups in AD.


LEM version 6.3.1 and later


When logging to the LEM web console with AD credentials, it is important that the user account in AD is not a member of the Primary group which is different than the group used for LEM administrators (for login).

See the article for configuring the LDAP connection for logging to the LEM console using AD credentials: Set up Active Directory authentication in LEM

  • To configure LDAP configuration: access LEM through https://<hostname-of-lem:8443/mvc/login
  • The optional Admin Group (specified as one of the default AD groups) can specify the Active Directory group that would have admin login to the LEM GUI-console.

On a domain controller:

  1. Open Active Directory Users & Computers.
  2. Select the user to log in to the LEM web console.
  3. Right-click and select the Member Of tab.

    Note the Primary Group, which should not be the same group of users that that are able to log in to the LEM web console.

  • If it is the same, be sure to change it.
  • If for some reason you are unable to change the group membership, you would need to use another group or create a group of the users that will log into the LEM GUI-console.


Last modified