Supported Active Directory scenarios in the Orion Platform
This topic applies to all Orion Platform products.
The following Active Directory login scenarios are supported for SolarWinds products using the latest version of the Orion Platform.
- Use a group account from the domain where the Orion Platform product server is located. This group contains a user from the trusted domain. Log in with this user.
- Use a group account from the domain where the Orion Platform product server is located. This domain is trusted by the domain in which the Orion server is located. This group contains a user from the domain of the Orion server. Log in with this user.
- Active Directory authentication is performed by the web service. If you need to authenticate users from an AD forest other the one to which your primary SolarWinds server belongs, you must have an Additional Web Server in the AD forest wherein the users to be authenticated exist.
|Local Login Required?||Network Atlas and
Unmanage Utility Login Supported?
|Login with "Orion Server" domain AD account||Yes||
LogonFallback must be enabled.
|Login with "Orion Server" domain Group AD account|
|Login with trusted domain AD user||No|
|Login with trusted domain AD Group User|
|Login with "Orion Server" domain Group AD account (group user belongs to trusted domain)|
|Login with trusted domain Group AD account (group user belongs to "Orion Server" domain)||No||N/A|
|Login with AD user or Group user from a foreign AD forest||
Yes, when LDAP is enabled
No, without an Additional Web Server
|Login with AD Federation Services (Orion Platform 2018.4)||Yes||Yes||No|
LogonFallback must be enabled when the Active Directory user of the Orion Web Console does not have local login rights to the web server.
- Locate the file
web.configon the server hosting your Orion Web Console.
The default location is
- Create a backup of
- Locate row
<add key="LogonFallback" value="false" />.
- Restart your SolarWinds website in Internet Information Services Manager.