VIP Enterprise Gateway support for users with numerous group memberships

Article ID: 164747

Products

VIP Service

Issue/Introduction

When a user belongs to more than 10 member groups in AD, VIP Enterprise Gateway sends only the first 10 values to the VPN gateway. This causes the VPN gateway (i.e., Cisco ASA) to reject the user.

Cause

By default, the maximum number of values returned for an attribute in a response is set to 10.

Resolution

1. Edit the radserv.conf file located in the folder <VIPEG Install folder>\Validation\servers\<Validation server name>\conf.
2. Change the "10" value of "server.max_attribute_in_response=10" to match or exceed the number of groups users are a part of.
3. Restart the validation server.

Send a validation request. The response should now show more than 10 values.
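The following Python sketch is an added example, not Broadcom tooling or code from this article. It reads the limit from radserv.conf text, lists the users whose group list would be cut off at that limit, and rewrites only that one value. It assumes the one-key-per-line key=value form shown above; the sample file contents, the placeholder key and the group memberships are constructed.

```python
import re

# Key name is from the article; all sample data below is constructed.
KEY = "server.max_attribute_in_response"
_LINE = re.compile(r"^([ \t]*" + re.escape(KEY) + r"[ \t]*=[ \t]*)(\d+)(?=[ \t]*\r?$)", re.M)

# Constructed stand-in for radserv.conf; only the KEY line mirrors the article.
SAMPLE_CONF = (
    "# constructed sample, not a real radserv.conf\n"
    "placeholder.other_setting=abc\n"
    "server.max_attribute_in_response=10\n"
)

# Constructed memberships (user -> ordered group list), e.g. from a directory export.
SAMPLE_MEMBERSHIPS = {
    "alice": ["grp%02d" % i for i in range(1, 8)],   # 7 groups
    "bob": ["grp%02d" % i for i in range(1, 15)],    # 14 groups
    "carol": ["grp%02d" % i for i in range(1, 11)],  # exactly 10 groups
}

def read_limit(conf_text):
    """Return the configured limit; raise if the key is not present."""
    m = _LINE.search(conf_text)
    if m is None:
        raise ValueError(KEY + " not found")
    return int(m.group(2))

def truncated_users(memberships, limit):
    """Map each user over the limit to the groups past the first `limit`."""
    return {u: g[limit:] for u, g in memberships.items() if len(g) > limit}

def required_limit(memberships):
    """Smallest value that covers every user's group count."""
    return max((len(g) for g in memberships.values()), default=0)

def set_limit(conf_text, new_limit):
    """Return conf text with only the limit value replaced (line endings kept)."""
    read_limit(conf_text)  # raises if the key is missing
    return _LINE.sub(lambda m: m.group(1) + str(int(new_limit)), conf_text, count=1)

if __name__ == "__main__":
    limit = read_limit(SAMPLE_CONF)
    for user, dropped in truncated_users(SAMPLE_MEMBERSHIPS, limit).items():
        print("%s: %d group(s) past the limit of %d" % (user, len(dropped), limit))
    print(set_limit(SAMPLE_CONF, max(limit, required_limit(SAMPLE_MEMBERSHIPS))), end="")
```

Keep a backup of the original file before writing the changed text back, and restart the validation server afterwards as described in the steps above.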

 

Additional Information

 "text=User [username] not found in the Userstore." Thread-3184 VSAuthOTPStandardControllerImpl.cpp

"text=Sending Acces-Reject for user [username] , reason=7; User not found in LDAP." Thread-3184 VSAuthOTPStandardControllerImpl.cpp