You are viewing limited content. For full access, please sign in.

Question

Question

Getting a Permission Denied 9013 - RIO - Windows Accounts.

Security Licensing
Updated September 10, 2015
asked on September 10, 2015 Show version history

I have a RIO installation that I am running LFDS and have created two AD groups.

LF-License-Full

LF-License-Read

I have divided all users between those groups. Then I have created an organization in LFDS to place the members in. After that I created an Identity Provider and attached to their AD and created two rules, one for each other groups listed above. After that I checked my orgs members list and everyone spooled in and looks good.

 

After that I cut a license for the RIO LF server, created the DB. From there I went into AD and created 9 groups for the employees that will be accessing this DB.

LF-DBNAME-Administrators

LF-DBNAME-Scanners

LF-DBNAME-Directors

LF-DBNAME-CaseWorkers

ETC ETC you get the idea.

I added all the users into their corresponding groups, while confirming each time that they existed in one of my groups listed above synced with LFDS server.

 

After that I went into the admin console and added those 9 AD groups in the Windows Accounts area and set them all and trusted. Once I did that I logged into one of the PCs as my user and tried to open LF. When I did I get a permission denied access denied 9013 error. This is the detail from the message.

Error Code: 9013
Error Message: Permission denied.
Access denied. [9013]

------------ Technical Details: ------------

LF.exe (9.2.0.343):
    Call Stack: (Exception)
        CLoginDialog::AttemptLogin
        CLoginDialog::LoginToServer
        CLoginView::LoginHandler
    Call Stack: (Current)
        CLoginDialog::LoginToServer
        CLoginView::LoginHandler
    Additional Details:
        Exception: 0x80042335 [9013] (Permission denied.) (CLoginDialog::AttemptLogin at LoginDialog.cpp:790)
    Call History:
          CLoginDialog::AttemptLogin
           GetOptionString ([Settings]CheckServerVersion)
        LFFlushPrivateProfile
        CLoginView::LoginHandler
         CLoginDialog::LoginToServer
          GetOptionString ([YCGCIMAGINGSettings]AdminNoPassword)
          CLoginDialog::AttemptLogin
           GetOptionString ([Settings]CheckServerVersion)

 

I check the help file and it details that if a group is added under Windows Accounts the members of that AD group will also get access but that doesn't seem true. I know because when I add my user separately outside of the groups and mark it trusted I am able to login to the DB. So that at least proves the LFDS piece is operating as expected...I believe.

 

Can anyone help?

 

1 0

Replies

replied on September 10, 2015

I can go to another machine and login to the client using domain\username in the client, but not at the server where I need to admin from.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...