Rehired employee cannot login to ESS with AD-integrated account
- Knowledge Assistant
Owned by Knowledge Assistant
Jul 30, 2021
1 min read
Loading data...
Description of Issue
- An employee was terminated then rehired, they now cannot login to their ESS account, which is synced with the Active DirectoryÂ
- Employee's AD credentials work in other applications but not ESS
- User is unable to login to ESS
Context
- Munis
- Employee Self Service (ESS)Â
- User Administration
- LDAP
Cause
- Due to the user being a rehire, their SID was updated and changed to a new value when their active directory account was reactivated
- The stored SID value on wbuserlk no longer matches the user's current SID
Resolution
- Access Employee Self Service > Administration > User Administration, then find the user account in question
- Click Delete
- Re-add the user account using the Add User button, the User ID can be any value initially since it will be overwritten by the AD User ID immediately following this add
- Once the user has been added back in with a standard/non-AD account, click Migrate AD Users
- The account should now be re-migrated to AD, and the user should be able to login
Additional Information
- To confirm what a user's SID is, the user can run this command while logged into a PC: whoami /user
- Please reach out to Munis Human Resources Support with any follow up questions