Invalid XA User Caused by Forward Slash in AD Object Name

Invalid XA User Caused by Forward Slash in AD Object Name

PROBLEM BEHAVIOR

A new user has been created in AD. They are a member of an XA-enabled security group but cannot log in to XA. Also, you get an error when attempting to view their information in the XA Administrator. 

EXPECTED BEHAVIOR

Users added to XA-enabled security groups should be able to log in normally after being auto-added.

AFFECTS:

All versions of XA Server.

ROOT CAUSE: Forward Slash (/) in user's object name (e.g., OB/GYN)

XA Server will not auto-add an AD user properly if there is a forward slash in the user's object name.

RESOLUTION

1. Remove the user from the XA database (they may not exist, which is okay).

2. Locate and update the user in the database.

1. SELECT * FROM Users
   WHERE XAUsername like '%username%'
2. Copy the GUID from the previous results to delete the user in the XA database
   XA_User_deleteUser 'AAAAAAAA-AAAA-AAAA-AAA-AAAAAAAAA'
3. Remove the forward slash from the user's object name in Active Directory.
4. Restart the XA Server service on the XA server where auto-add is enabled.