Configuring Active Directory with SignUp Vx2 - LAN Accounts

Problem:

SignUp is configured with LAN accounts authenticating against Active Directory. Authentication is failing against the Active Directory.

We have set up user rights with the below options.

  • log on as a batch job

  • log on locally

  • log on as a service

  • act as part of the operating system

Authentication only works if the group policy setting to "Allow users to read Group Policy" check box is ticked. The customer does not want this policy permission enabled. The Signup Service runs under the System account.


Answer:

  1. Give the System account the correct Group Policy setting.

  2. Run the Signup Service with a Domain Admin account.