Forefront UAG 2010 - Authorization: missing domain groups/members

Hi,
 
I'm trying to configure specific application access based on a group of users but I cannot see most of my custom domain groups/users. The generic ones exists i.e. Domain Admins but I'm missing a whole chunk of security groups and users from our domain and I really can't see why they would be missing.

They're held in a custom OU where there's a few subfolders of OUs.

I've tried selecting the Show Users & Groups (include subfolders) option but that makes no difference apart from adding a blank named folder to the top level that I cannot navigate into.

There are some users in there that we created. Room Mailbox users for resource bookings etc. but I don't seem to be able to see any of the main users/groups we have set up.

Any ideas?

Thanks in advance.
itmtsnAsked:
Who is Participating?
 
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
Looks like I was typing a response to your initial post during which you posted your update.

Still would like confirmation that you have deployed both SP1 and at least rollup 1 for SP1 to the UAG box please.
http://blogs.technet.com/b/edgeaccessblog/archive/2010/10/21/announcing-forefront-uag-2010-service-pack-1.aspx

http://support.microsoft.com/kb/2475733

0
 
itmtsnAuthor Commented:
Update: We've worked out that we can only see groups in the Users container in AD. If I add a group into the default Users Container then make the actual group I want to see a member of that group I can apply the rights I want.
0
 
Keith AlabasterEnterprise ArchitectCommented:
I assume you are running UAG 2010 SP1?
Are you missing these additional AD groups on ALL UAG trunks you have created or just this one? If just this trunk, have you selected the same authentication server as previously?
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
itmtsnAuthor Commented:
It was my error. On the authentication server the wrong Base DN was set. It was looking straight at the Users container and not the top level domain.

Thanks for the suggestions. By going back and revisiting the authentication server I found the problem.
0
 
itmtsnAuthor Commented:
Sorry Keith. Yep it was running both SP1 and the update. With your suggestion it made me go back and look through the authentication settings as something seemed to be wrong. So thanks for the suggestion.
0
 
itmtsnAuthor Commented:
Question answered. Found the fault
0
 
Keith AlabasterEnterprise ArchitectCommented:
Welcome and glad it's sorted
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.