Log Insight: Access Control and Grayed Out Items

Someone recently pinged me stating that a group that had been defined on the Access Control page of Log Insight was grayed out. They wanted to know why and how to fix it. Read on to learn more!

The problem statement was pretty straightforward:

  • Go to the Access Control page (/admin/users) as a Super Admin
  • Notice that some groups are grayed out

In my environment, and likely in yours, this issue will not be reproducible. However, here is how it will look if/when you can:

So what was the issue? Well, what happened is that you enabled an authentication mechanism (e.g. Active Directory) and then added a group from that authentication mechanism (e.g. Active Directory). At a later point in time, you disabled the authentication mechanism (e.g. Active Directory). In the above example, I can confirm that Active Directory was disabled on my Log Insight instance:

To fix the issue, you have a few options:

  1. Re-enable Active Directory — You probably turned it off for a reason (e.g. migration to VIDM) so this is not likely the solution you want
  2. Delete the Active Directory group — note if you switched to VIDM you may need this group unless you have added the VIDM version of this group (in my example I did so I can safely delete the AD group)
  3. Ignore the issue — if you do need the group then you can safely ignore the grayed out group

© 2017, Steve Flanders. All rights reserved.

Leave a Reply