
Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

dhlao
Occasional Contributor

Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

My user account is the administrator of Pulse Connect Secure.

In User Authentication Realms > Role Mapping, I am trying to create a new rule based on Group membership. I click the Groups button, and I suppose there should be a list of AD groups for me to select from. But it shows "Access is disallowed under read-only mode".

Does anyone know the meaning?
7 REPLIES
joepope
New Contributor

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

Did you add the groups to the IVE? Go to Role Mapping to add a new rule. Change the "Rule based on:" setting to Group Membership and click UPDATE. Drop down to Available Groups and click the GROUPS... button. The Server Catalog for LDAP should show up. Enter the NAME in the box and click the SEARCH... button.
Select the Matching DNs and click ADD SELECTED.

If nothing is found, make sure the Base DN & Filter are displayed/set correctly (Base DN: dc=yourcompany,dc=com Filter: cn=*; must fit your AD structure!).
dhlao
Occasional Contributor

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

The "Access is disallowed" message was shown right after I click "Role Mapping" > click "New Rule" > choose "Group membership" > click "Update" > click "Groups...".

I think the page you mentioned - "The Server Catalog for LDAP" - was the one that showed "Access is disallowed".
dhlao
Occasional Contributor

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

And in the Auth Servers settings:
1. Type is LDAP

2. Under "Determining group membership":
Base DN: DC=mycompany,DC=com
Filter: cn=
Member Attribute: member
Nested Group Level: 2
dhlao
Occasional Contributor

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

Filter: cn=GROUPNAME (has triangle brackets at the front and end)
zanyterp
Moderator

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

Please confirm you are using IE & connecting via IP (or using another method in which there would be a certificate mismatch, such as shortname or internal DNS name that is not on the certificate). If yes, that is an expected error due to restrictions in IE that does not automatically send cookies for untrusted sites [sporadically]; you will need to close that pop-up and open it again; it _should_ allow the cookie to be sent that will let you select the groups.
dhlao
Occasional Contributor

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

Using the IP address to access the admin page does the trick. By the way, the SSL cert of the domain was expired. So it always shows a certificate error.
zanyterp
Moderator

Re: Show "Access is disallowed under read-only mode" when trying to add AD group in Role Mapping Rule

Glad to hear you are able to connect to pull the groups.
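
Added example (not part of the thread and not vendor code): a Python check for the two certificate conditions discussed above, the name mismatch when the admin page is reached by IP or short name, and the expired certificate. It assumes the certificate has already been decoded into the dict shape that Python's `ssl.SSLSocket.getpeercert()` returns; `cert_problems`, the sample certificate and the host names are constructed for illustration.

```python
import ipaddress
import ssl
import time

# Constructed sample: a certificate issued for the FQDN only, already expired.
SAMPLE_CERT = {
    "subject": ((("commonName", "vpn.example.com"),),),
    "notAfter": "Jun 10 12:00:00 2015 GMT",
    "subjectAltName": (("DNS", "vpn.example.com"),),
}

def _dns_match(pattern, host):
    """Case-insensitive DNS match; '*' covers exactly one left-most label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        parts = host.split(".", 1)
        return len(parts) == 2 and parts[0] != "" and parts[1] == pattern[2:]
    return pattern == host

def cert_problems(cert, accessed_as, now=None):
    """List the reasons a browser would treat the admin URL as untrusted.

    accessed_as is the host part of the URL the administrator typed:
    an IP address, a short name, or a fully qualified name.
    """
    now = time.time() if now is None else now
    problems = []
    if ssl.cert_time_to_seconds(cert["notAfter"]) < now:
        problems.append("expired")
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(accessed_as)
    except ValueError:
        ip = None  # not an IP literal, so compare against DNS entries
    if ip is not None:
        covered = any(kind == "IP Address" and ipaddress.ip_address(value) == ip
                      for kind, value in sans)
    else:
        covered = any(kind == "DNS" and _dns_match(value, accessed_as)
                      for kind, value in sans)
    if not covered:
        problems.append("name-mismatch")
    return problems

if __name__ == "__main__":
    for host in ("192.0.2.10", "vpn", "vpn.example.com"):
        print(host, cert_problems(SAMPLE_CERT, host))
```

An empty list means the name used in the URL is covered by the certificate and the certificate is still within its validity period; it does not check the issuing chain.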