PS07 - After integration with AD, users can not login on pwa! RRS feed

  • Question

  • Hello,
    I did the syncronization of the Project Server 2007 with Active Directory of the company that I work.
    I asked to "TI area" to create the AD groups and after this I did the sync with Project Server 2007 on PWA.
    No errors occurred, perfect.
    On PWA the users that were synced are showed on the Groups and on Resource Center perfectly.
    The problem is when I try to login on PWA with a new user that was syncronized, the login fail. The users can not login.
    One observation:
    1) I used my account on PWA to syncronize with AD. On PWA I'm the administrator, on AD I'm a single user, but how I can to search and to syncronize with the AD groups on PWA, I think that this isn't the problem, correct?
    Wednesday, June 29, 2011 3:23 PM

All replies

  • Hi,

    What error are you getting there "You dont have access to view this page" and "Go back to site error".

    Then the group in which you have synchronized the AD users does not have group permission to log on at PWA.

    Then give that group few basic permissions(including log on at PWA) or synchronize AD group in default Team Member group. Then those new user will be able to access the PWA.

    Hope this may help you, please let me know if still facing any issue.

    Sachin Vashishth MCTS
    Wednesday, June 29, 2011 3:34 PM
  • Hello,

    When I try to login with an AD user that was synced, the browser (PWA) asks the "user/password" three times, after this the browser only show a blank page with none written.

    Yes, the group in wich I have syncronized the AD users "has" permission to log on at PWA. I tested all groups ... =)

    Yes, I gave basic permissions (including log on PWA) to the groups.

    Nothing works.

    Users syncronized with AD only works (log on PWA) if I add the user on Windows account (Windows Crontrol Panel -> Add user account). But this is inviable because there are many users.

    Thank you for the help.

    Wednesday, June 29, 2011 8:13 PM
  • Please,

    There are some configuration in Windows Server 2008 that I need to do to the integration "MOPS2007 + AD" works? Maybe changing a security police?


    Thursday, June 30, 2011 5:52 PM
  • hi Loren,

    Check the AD level security policy for the various groups created and then try again.



    Thanks, Raj
    Friday, July 1, 2011 9:43 AM
  • Does your account have Network persmissions?

    Check the Resources tables like MSP_Resources for corruption and incorrect values. Look for differences in working users and those which aren't working.

    Is Res_Is_Windows_User set to 1 for all Resources?

    Friday, July 1, 2011 10:30 AM
  • Srs.

    I resolved the problem creating a "group" on local server "Windows Settings". Then I linked this new group with "AD Group" that contain the users.

    After that, the users that belong to this group could log in on PWA.

    The only problem is that the users can log in on Windows Server too (localy). But this server is on a place with restrict access. And the remote conection was denied.

    Thank for the help.

    If somebody know any other solution, will be welcome.

    Thank you.

    Friday, July 1, 2011 3:32 PM