When logging into a Remote 32bit Console, the following error appears:
- "username is not a member of the LANDesk® Management Suite Group. (User Authentication Error -500)"
- Your Core is joined to an Active Directory Domain.
- The account you are using to log into the Remote Console is included in an Active Directory group in the LANDesk® Management Suite Group.
- You are using the correct nomenclature during Console login: domain\username
- You are able to log in, ONLY after explicitly adding your Active Directory account in the LANDesk® Management Suite Group.
Enumeration of AD Groups requires the credentials used to log into the remote computer. The Console verifies if the username is explicitly added into the LANDesk® Management Suite Group when logging into the Remote Console . If the username is not detected, then the Remote Console tries to enumerate the AD groups.
The error 500 is generated because the Remote Console does not use the credentials used for the Console login when performing the Active Directory group enumeration. Instead the Remote Console is designed to use the credentials supplied in the thread process (Usually credentials used to log into the computer). The login will fail and generate an error -500 if the user logged into the computer is a non domain account (Workgroup, local account, E-Directory, etc...).
If you are logged in on a non-domain account, but your domain account is explicitly added to the LANDesk® Management Suite Group, then you can log in. There will still be some restrictions. If you open the users tool, some users will show with a red X because they are in a group which your Computer account can not enumerate.
You can uses either of these options to log into the Remote 32bit Console:
- Join the Workstation running the Remote 32bit Console to the Domain.
- Explicitly add the Active directory user into the LANDesk® Management Suite Group