Supported Active Directory scenarios

The following Active Directory login scenarios are supported for SolarWinds products using the latest version of the Orion Platform.

Use a group account from the domain where the Orion Platform product server is located. This group contains a user from the trusted domain. Log in with this user.
Use a group account from the domain where the Orion Platform product server is located. This domain is trusted by the domain in which the Orion server is located. This group contains a user from the domain of the Orion server. Log in with this user.
Active Directory authentication is performed by the web service. If you need to authenticate users from an AD forest other the one to which your primary SolarWinds server belongs, you must have an Additional Web Server in the AD forest wherein the users to be authenticated exist.

Scenario	Web Console Login Supported?	Local Login Required?	Network Atlas and Unmanage Utility Login Supported?
Login with "Orion Server" domain AD account	Yes	No LogonFallback must be enabled.	Yes
Login with "Orion Server" domain Group AD account			Yes
Login with trusted domain AD user			No
Login with trusted domain AD Group User
Login with "Orion Server" domain Group AD account (group user belongs to trusted domain)¹
Login with trusted domain Group AD account (group user belongs to "Orion Server" domain)²	No	N/A
Login with AD user or Group user from a foreign AD forest	Yes, when LDAP is enabled No, without an Additional Website³	N/A

Enable LogonFallback

LogonFallback must be enabled when the Active Directory user of the Orion Web Console does not have local login rights to the web server.

Locate the file web.config on the server hosting your Orion Web Console.
The default location is c:\inetpub\SolarWinds\.
Create a backup of web.config.
Locate row <add key="LogonFallback" value="false" />.
Set value="true".
Save web.config.
Restart your SolarWinds website in Internet Information Services Manager.