Jump to content

Protected users security group


Go to solution Solved by Jason Misleh,

Recommended Posts

Hello,

The connection to the UEM console does not work for synchronized accounts that are members of the Active Directory “Protected users” group (https://learn.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group).
The error is as follows: The supplied credential is invalid

We think this is because ACC uses NTLM.
In the “Directory services” settings, we have chosen “GSS-Negotiate” for authentication mode.
When we want to use Kerberos, we get the following error: Directory call failed. System.DirectoryServices.Protocols.LdapException: Error code:82 User Name: Error Details:

What settings do we need to make in order to use Kerberos?
Or how can I connect with “protected users” accounts?

Link to comment
Share on other sites

  • Replies 2
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

  • Employee
  • Solution

Good Morning,

UEM Console does not currently support Protected Users. This is something that has been noted internally. This is due to the way that Protected User logins occur. You can read more about it here: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn466518(v=ws.11)

If you need more information, I would suggest opening an SR and/or a Feature Request. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...