Skip to main content

Domain Admin cannot logon to Management Server

Thread needs solution
Regular Poster
Posts: 34
Comments: 126

Hey there,
I have a strange behaviour.

I installed ABA 12.5 management server (most recent build).
The local group of Acronis Centralized Admins has thedomain admin as a user and also the domain admin group as a member.
So I would expect, that I can logon as Domain Admin to the management console.
But his is not possible.

I must add the Domain Admin to the group of Administrators in the Management Console and then I am able to logon.

Can anyone confirm this?
Why does it not work as the group and the user itself are members of the upper mentioned grup that Acronis built during installation?
I am using a german version of Windows server 2012R2, so the Group name of the Domain Administrators contain a german Umlaut as it is named "Domänen-Admins". Is this a problem?

Regards
S.

0 Users found this helpful
Forum Member
Posts: 5
Comments: 69

#1

Hi Sven!

I had issues in Acronis 11.7 where nesting groups didn't work (e.g. adding the local administrator group in the required acronis group, then having a user which was part of the administrator group didn't work. I had to add the user explicitly to the acronis groups)

Also, have you tried also including the domain admins in the Acronis ApiGateway users?

EDIT: I have just tested, that if the domain admin group is part of the following groups, a user who is part of the domain admins group can log in without expicitly adding them within the management console:

  • Local administrators
  • Acronis Remote Users
  • Acronis Centralized Admins
  • Acronis ApiGateway Users

(This is on the machine where AMS is installed)

-- Peter

 

Regular Poster
Posts: 34
Comments: 126

#2

Hey Peter,
I did some additional tests.
First I did was, that I remove the domain admin from the list of administrators within MMS:

Then I tried to logon to MMS in 2 ways:

a) I connect via Remote Desktop to the VM on which the MMS is installed and logged on locally.
b) I connect via LAN to the Webconsole using the VM machine name.

I am absolutely sure, thet yesterday it was only possible to logon with the domain admin via scheme a).
b) was not possible and I had to add the domain admin to the list of Administrators manually to be able to logon with the domain admins credendtials with both schemes.

The only thing I can imagine ist, that the logoff/logon repaired it.

Is this a possible reason ?

Currently I have only the Acronis Centralized Admins in the list of Administrator in MMS and it works to logon locally (a) ) and remote (b) ).

 

S.

Support specialist
Posts: 0
Comments: 828

#3

Hello Sven.

By default there are Administrators and Acronis Centralized Admin groups are created. Domain Admin are not added to any of these groups by default, this is up to your choice. 

Please consult the respective chapter in the documentation:  https://www.acronis.com/en-us/support/documentation/AcronisBackup_12.5/#39120.html

Regular Poster
Posts: 34
Comments: 126

#4

Maria,
strange but I am quite sure, that the domain admins were in the group of Acronis Centralized Admins after the installation.
This was the reason why I was wondering why it does not work as the domain admins group was in the Acronis Centralized admin group.

 

Greets
S