Version and OS: ePDM 2013-SP3, Win2008 ENT R2. Clients on Win7
AD: Single domain, users are listed according to their local goe-site, ie cn=username, ou=groupname, ou=sitename, dc=company, dc=com. AD is synched and global catalogue is accessable. There is a DC at the local site, DNS resolves the domain name to the local DC
We have multiple archives located at remote sites replicating back into the centre.
Remote sites are connected by a relatively large pipes, remote sites typlically have contention under 100ms to the centre.
We are using AD groups to grant access local archives. Only the local AD group have access to the local archive
Issue: At the remote site, when the local PDM admin clicks 'list users' (these would be from the local AD group into which the user has been added) users are not listed. However on the central system, this is instant.
If the user is added from the central system, they are login with their AD account details without issues
Tried so far: pointing client PC to central DC and DNS, using different AD users as administrators, configuring a domain admin as a PDM admin users (to see if its a domain security issue), made sure I can query LDAP with any of the AD users to pull the user list, stopped Symantec AV.
Seemly that on way to get it to work is to add PDM users as local users on the local archive server at the remote site - we donot want to go there are we are a large organisation.
Nothing shows in the logs to give an idea of what's going on.
ePDM cleint seems to be wating on something
Has anyone seen this issue or can give any leads?