Posts Tagged ‘web console’

Have found an issue when using the Orchestrator Web Console where the permissions a user has are still active after they have been removed.


  1. Permissions are granted to an AD group to a runbook folder using the Designer console
  2. User is added to the AD group
  3. User can connect to Designer and also the Web Console to see and manage the runbooks in that folder
  4. Remove the user from the group
  5. In Designer, the user no longer has access and cannot see the folder or runbooks
  6. In the Web Console, the permissions are unchanged and the user can still view and manipulate the runbooks

Suggestions provided through a post to the technet forums suggested that the permissions are cached in the SQL database in the “Microsoft.SystemCenter.Orchestrator.Internal.AutorizationCache” table, however this table was already empty

Restarting the Servers, services, logging the user off and on etc made no difference. The permissions still persisted the following day.

Another user suggested this is a known bug and that they resolved it with a call to Microsoft. I can find no other mention/reference of this bug, so a call to Microsoft it is…