cancel
Showing results for 
Search instead for 
Did you mean: 

Way out of practice

SOLVED
Will_Bonville_
Occasional Contributor

Way out of practice

Back in my consulting days, I use to do installs of SA700's on a regular basis but whhooooaaaa i'm out of practice.

Here is what i'm trying to do with an SA2500

Group A gets access to Group A roles

Group B gets access to Group B roles and so on down the line

At present, I have set up a basic start page, when users log in they get access to OWA and SAM however I want to be able to have say, Domain admins (there is a user role for this, assigned to the domain admins group) to log in and have different resource access. This however does not work. When I log in (I am domain admin), I get the same start page as everyone else and it is driving me nuts. I did this once in my consulting life but for the life of me cannot remember how to do it.

Anyone give a guy a hand?

1 ACCEPTED SOLUTION

Accepted Solutions
muttbarker_
Valued Contributor

Re: Way out of practice

Sounds like a problem with your role mapping. The "easiest" way to troubleshoot this is to see what happens to each user type when they login - what are they assigned to role wise. I would go to troubleshooting/user sessions/policy trace - turn this on for the user and see what roles they are assigned to when they login.

Perhaps your role mapping is allowing for all users to access the domain admin role based on a mistaken match condition or something like that.

So do a little debugging and post your results! Have fun......

View solution in original post

1 REPLY 1
muttbarker_
Valued Contributor

Re: Way out of practice

Sounds like a problem with your role mapping. The "easiest" way to troubleshoot this is to see what happens to each user type when they login - what are they assigned to role wise. I would go to troubleshooting/user sessions/policy trace - turn this on for the user and see what roles they are assigned to when they login.

Perhaps your role mapping is allowing for all users to access the domain admin role based on a mistaken match condition or something like that.

So do a little debugging and post your results! Have fun......