Active Directory login works in client, gateway login does not work

I’m setting up a new gateway, and I have an interesting issue. I’ve tested logging in via Active Directory under Users, Roles → Verify a User Source and it works correctly. All my roles, name, etc. all populate correctly. Then I set up my Vision project to use the AD user source, and it works great. However when setting the gateway security to use the AD user source, logging into the gateway fails.

Has anyone else had this issue? It seems strange that I can log in via Active Directory everywhere aside from the gateway web page.

I also have a recurring warning coming up in the logs. It may not be related, but it does pop up every few minutes and is filling up the logs with the same message. The message says:

[profileName=MyProfileName] Attribute “cn” returned null for group “CN=AnADGroupOnTheNetwork,OU=Global Group,DC=MyOrganization,DC=com”.

I’m can’t say for sure, but I learned a lot about our company’s setup using Microsoft’s AD Explorer which is a free and zero-install download. You could use it to check that the path structure is really as you suspect it is.

I had an issue that I had a filter set on my AD group. With that filter it would only check the users that are in the filtered group. If I remember correctly, the check users/roles worked correctly. The project logins did not work correctly.