This question was originally posted on DCIM Support by Chris Gray on 2019-12-06
In short, we had a working group using an LDAP bind to our AD, this connection was made to a single AD server. This server was then retired, I was not informed about it's retirement. I was then unable to log in using my AD credentials.
I've established a new LDAP connection, and have added 'different' AD groups and have assigned them rights and I'm able to log in using my AD credentials.
The issue I'm seeing, is the AD group that was bound from the old domain controller that was retired can not be removed from the System > Users and Device Group access. When attempting to delete the group I get a message stating that there was 'An error attempting to delete this group'. When viewing this group, it's not showing any information in the 'type' column, unlike all of the other groups. This is likely a result of the rug being pulled out from the DCE server's LDAP connection, is there a way to delete this group?
Solved! Go to Solution.
This answer was originally posted on DCIM Support by Steven Marchetti on 2019-12-06
Yes, that's a known issue. There are 2 ways to get rid of the old bind listing, neither of them really simple.
1: you can re-add your AD server at the old IP (in the same configuration) for just a short period of time so that DCE can connect and subsequently delete that listing.
2: you'll need to contact tech support directly. If they're allowed remote access to your system, they should be able to remove that listing. Sorry but root access is restricted and that is required to remove these entries.
This comment was originally posted on DCIM Support by Chris Gray on 2019-12-09
Thanks Steve, I've contacted support and will reconnect with them later in the week.