We have a use case where the client want to use the domain based accounts to access the PAM enabled windows endpoints. We have bootstrapped the AD and pam enabled the required AD accounts. When we try to use the AD accounts and bootstrap the windows workload, we are getting error (logs attached). Could you please let us know what we are missing here ?
@lionelrl As discussed in SME call yesterday, please include the Group Attribute mapping in the AD Connection and then retry the use case. Let us know if that fixes the issue.
Also in the attached logs I see JSON parse error. Please make sure you have a valid JSON mentioned in the group mapping field and that you have ObjectSid property mapped as well.