Instead of adding domain users manually to access the Recover Manager Web console, we attempted to your add a domain global security group.
The user logged on is a member of this group. The user wasn't able to authenticate to the site. Can you confirm that this should work as expected?
It looks like you already have the AD group. You want to add this group on RMSP Web Access Admin page instead of adding each user manually. Am I right? This doesn't work. Because we get the user information from HTTP response and check against our internal user database (fill up by RMSP Web Access Admin page). We don't have the user matching through AD groups algorithm for a while. That's why you need to add only user information on this page for a while. Are you sure that we completely have to implement this feature (Ability to add AD group through RMSP Web Access Admin page)?
For Authentication and Authorization, We delegate roles in our organization, so from an administrative perspective I simply need to add one or two groups to this console. The groups are managed by other managers, this simplifies the administration overhead on our team to grant and deny access to users. There are 4 levels of support in our organization, it easier to delegate access and control to each group level rather than each user.This is certainly a plus for the recovery manager console especially in large organizations...In the interim I will be adding the users manually...
Hi Denzil,
Which scope of Sequrity Groups do you use? Global, Domain Local or Universal?
Do you need to support the Distribution Groups?
http://support.microsoft.com/kb/231273
We have about 6 or more domains in our organization so that over 70,0000 users combined.
We use Universal Group and Global Groups, Some of our Security Groups are Mail Enabled