Log On To - Active Directory Restriction keeps SPARK Users from Logging into App

Hello everyone-

Hopefully this isn’t a repetitive question, as I was unable to find the response. We have discovered that if we set a “Log On To” restriction for a user in Active Directory, they are no longer able to log into SPARK with their credentials. However, once we take that restriction away, they are able to log in with no problem. We really need this set, though, so we can keep others from logging into another user's PC without permission. If you know the solution, let me know.

Running:

OpenFire 4.1.5

Spark 2.8.3

Active Directory LDAP Settings.

Smack Version: 4.1.9

JRE: 1.8.0_121

I guess “Log On To” means only being able to log on to the pointed resource, which is this domain-joined PC. But Spark is being treated as a separate resource. I wonder if users are still able to log in to other resources like SharePoint sites after they log in to the PC. @speedy any insights?

The authentication request is likely coming from the Openfire server and not the client. Add the Openfire server as an allowed “Log On To” computer.

That was one of my thoughts, honestly, but when I added the server to the allowed list, it still would not pass along. Is anyone willing to test this in their environment and see if you have the same results? Just curious if it is something weird going on in our environment.

I just tested this. Instead of adding the user restriction to allow Openfire, add the DC that Openfire is authenticating against. This workaround worked for me.
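
The workaround from the last reply, scripted as an added example (not posted by anyone in this thread): it appends the domain controller Openfire authenticates against to a user's existing "Log On To" list without overwriting the workstations already there. The function name `Add-LogonWorkstation`, the account `jdoe` and the DC name `DC01` are placeholders, and the ActiveDirectory RSAT module is assumed.

```powershell
# Added example, not from the thread. 'jdoe' and 'DC01' are placeholders.
# Assumes the ActiveDirectory (RSAT) module and rights to modify the user.
Import-Module ActiveDirectory

function Add-LogonWorkstation {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Identity,
        # One or more computer names, e.g. each DC Openfire may bind to.
        [Parameter(Mandatory)][string[]]$ComputerName
    )

    $user = Get-ADUser -Identity $Identity -Properties LogonWorkstations

    # An empty list means "all computers". Writing only the DC here would
    # create a new restriction, so unrestricted accounts are left alone.
    if ([string]::IsNullOrWhiteSpace($user.LogonWorkstations)) {
        Write-Warning "$Identity has no 'Log On To' restriction; nothing changed."
        return
    }

    # The value is a comma-separated list of computer names.
    $current = @($user.LogonWorkstations -split ',' |
        ForEach-Object { $_.Trim() } | Where-Object { $_ })

    # -notcontains compares case-insensitively, so DC01 and dc01 match.
    $missing = @($ComputerName | Where-Object { $current -notcontains $_ })
    if ($missing.Count -eq 0) {
        Write-Verbose "$Identity already allows: $($ComputerName -join ', ')"
        return
    }

    $merged = ($current + $missing) -join ','
    if ($PSCmdlet.ShouldProcess($Identity, "Set 'Log On To' list to $merged")) {
        Set-ADUser -Identity $user -LogonWorkstations $merged
    }
}

# Preview the change first; drop -WhatIf to apply it.
Add-LogonWorkstation -Identity 'jdoe' -ComputerName 'DC01' -WhatIf
```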