Hello all,
this is my first time in the forums, I have a weird issue which i'm worry because if this don't work my boss won't use untangle for our company which will be a pity because untangle is a great software, any way this is whats happening:
I have installed the ad connector and the policy manager trial when untangle pulls all the AD users won't show all the users no matter where I point it always doesn't show all the users in any container or OU, well so what I did was that if I create a new user and pull the list again the new user is shown in the list. well this is crazy all the communication between the untangle and ad server is ok the only difference in this AD setup is that all the AD info in our tree was migrated from netware 6.0 and I noticed that any user created before the migration are the one that untangle cannot see only anything created after the migration is shown on the list. have anybody seen this? is this a bug?
Please help I don't want to go with any other solution I rather have my boss pay for the Professional Package and not give the money away for a close solution.

thanks.

It does not show user accounts who are locked or have no password. This is the most common cause of this scenario. Does this seem to explain what you are seeing?

The policy manager of AD connector will work regardless of if the users show up in this list. The list is only for remote access portal.

How would the user names get assigned to the policy mapping without showing up in the name section of the ad test?

How would the user names get assigned to the policy mapping without showing up in the name section of the ad test?

Good point amac I had forgotten about that, it is obviously most convenient if they show up from AD, but you can also manually enter the names into the local directory.

Hello all, thanks for the reply...

"It does not show user accounts who are locked or have no password. This is the most common cause of this scenario. Does this seem to explain what you are seeing?"
this is not the case in my situation.

Originally Posted by amac View Post
How would the user names get assigned to the policy mapping without showing up in the name section of the ad test?
Good point amac I had forgotten about that, it is obviously most convenient if they show up from AD, but you can also manually enter the names into the local directory.

ok, so how creating user localy relates with active directory?
so If I understand even that the users are not being shown in the AD list you can add a user locally then untangle will map that user with AD?

thanks.

Just found this out, looks like untangle doesn't pick up users that have passwords that are set to never expire.... could that be it?

@amac: I doubt it. I'm having a similar issue where usernames that I know are in AD are not showing up in the UT AD list (including my own). My username is set to never expire the password, but our senior network engineer's password is set the same way, and his username shows up in the list.

Is there a limitation on the number of usernames returned in the LDAP queries from AD?

The rules for who shows up:

1. Normal account
2. Non-expired account
3. Password is required
4. User must be able to change their own password
5. They cannot be locked out