Further to AD groups, I've done some recent testing and am pretty sure that the AD groups you use need to be "security" groups and not "Distribution" groups.
If you need to explore this by yourself here are some things that might be helpful
- If your server is part of an AD group, there usually is a copy "Active Directory Users and Groups" in the "Admin Tools" menu. This will let you wander around AD (with user level privs) to see what is there.
![Untitled.png]()
- when looking at groups, this is what to look for:
- A Security group (Useful)
- A Distribution group (Useless)
- A Security group (Useful)
- Identify a user you want to give the special privs to.
- Find their account in AD
- Find out what groups they belong to by looking at the "member of" tab then start looking for a small enough security group that they belong to
![ScreenClip [3].png]()
- When adding AD users / groups in NPM, there are blocks of text at the top of the pages. They are REALLY worthwhile to read.
- If you are experimenting with a user's access in NPM, Use yourself as the test case. It impacts less people.
- Build yourself a backup account in case you completely lock yourself out of NPM. I create a NPM db account named cgregorsbackup with my favorite obscure password. just in case.
- DO NOT grant anything other than basic privileges to the AD group DOMAINNAME\Domain Users
![ScreenClip [1].png](http://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/2-245982-20530/ScreenClip+%5B1%5D.png)
![ScreenClip [2].png](http://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/2-245982-20534/ScreenClip+%5B2%5D.png)
![ScreenClip [3].png](http://thwack.solarwinds.com/servlet/JiveServlet/downloadImage/2-245982-20535/ScreenClip+%5B3%5D.png)