Active Directory Hybrid problems with Rosters

I’m using an Active Directory Internal Hybrid user source with the internal default user source as backup and it seemed to be working well until we lost connection to the AD from the site (the AD server is off-site but connects over a VPN). I’m not too concerned about the the users ability to log in… They have a backup user account in the default source.

The problem is that the Rosters became empty so now my users will not get notified about alarms.

I was poking around the user sources after we began having trouble with the AD server, so I may have reloaded the AD source.

I can see two times when the problem might have started:

  1. When we began losing connection to the AD.
  2. If I edited and saved the AD user source.

Either way, I don’t want the system to remove everyone off the rosters if the source is not functioning. I can understand removing users if the source no longer has them, but Ignition should be able to distinguish between a non-functioning user source and missing users.

Am I missing something? Is there a better way to do this?

Answer I got when I called IA:

Turn off the setting: “List Users from Active Directory”

This causes the list of users to populate based on the internal DB rather than the AD.

It will make things more difficult for creating users, but not by much.