It is very dangerous. Fess is assigning full admin permissions and other permissions from AD to just normal users!
[request] userRoles=[2Domänen-Admins, 2Schema-Admins, 2Gäste, 2Finanzen, 2System Managed Accounts Group, 2Abgelehnte RODC-Kennwortreplikationsgruppe, RFessVerwaltung, 2Organisations-Admins, 1heinz.miller, 2FessVerwaltung, 2Administratoren, 2Richtlinien-Ersteller-Besitzer]
[request] username=heinz.miller
[session] lastaflute.action.USER_BEAN.FessUserBean={userId=heinz.miller, sync=2021/06/24 06:54:35}@3d740e60
This user for example does not have the permissions above! He is just in the group Users
.
Every normal user from Active Directory, which is login to Fess is getting full admin permissions. This is very dangerous.
Full output of fess.log when normal user heinz.miller
who belongs just to group Users
is logged in:
2021-06-24 06:54:30,357 [pool-6-thread-1] DEBUG Updating scheduled jobs. time:1624517640301
2021-06-24 06:54:35,229 [http-nio-8080-exec-6] DEBUG HTTP Request: POST
2021-06-24 06:54:35,267 [http-nio-8080-exec-6] DEBUG allowOrigin: *
2021-06-24 06:54:35,269 [http-nio-8080-exec-6] DEBUG * * * * * * * * * * {BEGIN}: /login/
requestClass=org.apache.catalina.connector.RequestFacade ; sessionId=D7B5F8E776CAE761EBBDA72A64D2806C
; url=http://centos8:8080/login/
; method=POST ; protocol=HTTP/1.1 ; scheme=http ; secure=false ; remoteAddr=192.168.110.101 ; remoteHost=192.168.110.101
; characterEncoding=UTF-8 ; contentLength=128 ; contentType=application/x-www-form-urlencoded ; locale=de ; locales=de,en_US,en
[header] accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
[header] accept-encoding=gzip, deflate
[header] accept-language=de,en-US;q=0.7,en;q=0.3
[header] connection=keep-alive
[header] content-length=128
[header] content-type=application/x-www-form-urlencoded
[header] cookie=JSESSIONID=D7B5F8E776CAE761EBBDA72A64D2806C
[header] host=centos8:8080
[header] origin=http://centos8:8080
[header] referer=http://centos8:8080/login/
[header] upgrade-insecure-requests=1
[header] user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0
[param] lastaflute.action.TRANSACTION_TOKEN=5f5b55736479ee71d59384bef5952ff4
[param] login=Anmelden
[param] password=Windversteck7
[param] username=heinz.miller
[cookie] JSESSIONID=D7B5F8E776CAE761EBBDA72A64D2806C
[session] lastaflute.action.TRANSACTION_TOKEN={class org.codelibs.fess.app.web.login.LoginAction=5f5b55736479ee71d59384bef5952ff4}
[session] lastaflute.action.USER_LOCALE=de
2021-06-24 06:54:35,271 [http-nio-8080-exec-6] DEBUG ...Routing to action: name=login_loginAction params=null
2021-06-24 06:54:35,272 [http-nio-8080-exec-6] DEBUG ...Saving user locale to session: de
2021-06-24 06:54:35,274 [http-nio-8080-exec-6] DEBUG #flow ...Calling back #before for LoginAction
2021-06-24 06:54:35,276 [http-nio-8080-exec-6] DEBUG roleSet: [1guest, Rguest]
2021-06-24 06:54:35,278 [http-nio-8080-exec-6] DEBUG Begin transaction: [FormatId=4360, GlobalId=1624517003313/30, BranchId=]
2021-06-24 06:54:35,279 [http-nio-8080-exec-6] DEBUG #flow ...Beginning #action LoginAction@login()
2021-06-24 06:54:35,281 [http-nio-8080-exec-6] DEBUG ...Removing double-submit token: group=LoginAction, token=5f5b55736479ee71d59384bef5952ff4
2021-06-24 06:54:35,289 [http-nio-8080-exec-6] DEBUG Logged in.
2021-06-24 06:54:35,291 [http-nio-8080-exec-6] DEBUG ...Regenerating session ID for security
2021-06-24 06:54:35,293 [http-nio-8080-exec-6] DEBUG ...Saving login info to session
2021-06-24 06:54:35,295 [http-nio-8080-exec-6] DEBUG Search Role: 1:heinz.miller=1heinz.miller
2021-06-24 06:54:35,298 [http-nio-8080-exec-6] DEBUG Account Filter: (&(objectCategory=person)(objectClass=user))
2021-06-24 06:54:35,301 [pool-3-thread-3] DEBUG #flow #async ...Running asynchronous call as secondary@37468045
2021-06-24 06:54:35,309 [pool-3-thread-3] DEBUG #flow #async ...Finishing asynchronous call as secondary@37468045:
[Asynchronous Result]
performanceView: 00m00s000ms
2021-06-24 06:54:35,323 [http-nio-8080-exec-6] DEBUG LDAP search[4ms]: cn=Users,dc=em,dc=pri - (&(objectCategory=person)(objectClass=user))
2021-06-24 06:54:35,325 [http-nio-8080-exec-6] DEBUG entryDn: CN=Richtlinien-Ersteller-Besitzer,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,327 [http-nio-8080-exec-6] DEBUG Search Role: 2:Richtlinien-Ersteller-Besitzer=2Richtlinien-Ersteller-Besitzer
2021-06-24 06:54:35,328 [http-nio-8080-exec-6] DEBUG entryDn: CN=Domänen-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,331 [http-nio-8080-exec-6] DEBUG Search Role: 2:Domänen-Admins=2Domänen-Admins
2021-06-24 06:54:35,333 [http-nio-8080-exec-6] DEBUG entryDn: CN=Organisations-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,336 [http-nio-8080-exec-6] DEBUG Search Role: 2:Organisations-Admins=2Organisations-Admins
2021-06-24 06:54:35,340 [http-nio-8080-exec-6] DEBUG entryDn: CN=Schema-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,341 [http-nio-8080-exec-6] DEBUG Search Role: 2:Schema-Admins=2Schema-Admins
2021-06-24 06:54:35,343 [http-nio-8080-exec-6] DEBUG entryDn: CN=Administratoren,CN=Builtin,DC=em,DC=pri
2021-06-24 06:54:35,349 [http-nio-8080-exec-6] DEBUG Search Role: 2:Administratoren=2Administratoren
2021-06-24 06:54:35,350 [http-nio-8080-exec-6] DEBUG entryDn: CN=Gäste,CN=Builtin,DC=em,DC=pri
2021-06-24 06:54:35,352 [http-nio-8080-exec-6] DEBUG Search Role: 2:Gäste=2Gäste
2021-06-24 06:54:35,353 [http-nio-8080-exec-6] DEBUG entryDn: CN=System Managed Accounts Group,CN=Builtin,DC=em,DC=pri
2021-06-24 06:54:35,354 [http-nio-8080-exec-6] DEBUG Search Role: 2:System Managed Accounts Group=2System Managed Accounts Group
2021-06-24 06:54:35,356 [http-nio-8080-exec-6] DEBUG entryDn: CN=Abgelehnte RODC-Kennwortreplikationsgruppe,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,357 [http-nio-8080-exec-6] DEBUG Search Role: 2:Abgelehnte RODC-Kennwortreplikationsgruppe=2Abgelehnte RODC-Kennwortreplikationsgruppe
2021-06-24 06:54:35,358 [http-nio-8080-exec-6] DEBUG entryDn: CN=Finanzen,DC=em,DC=pri
2021-06-24 06:54:35,360 [http-nio-8080-exec-6] DEBUG Search Role: 2:Finanzen=2Finanzen
2021-06-24 06:54:35,365 [http-nio-8080-exec-6] DEBUG entryDn: CN=Administratoren,CN=Builtin,DC=em,DC=pri
2021-06-24 06:54:35,366 [http-nio-8080-exec-6] DEBUG Search Role: 2:Administratoren=2Administratoren
2021-06-24 06:54:35,368 [http-nio-8080-exec-6] DEBUG entryDn: CN=FessVerwaltung,OU=Role,DC=em,DC=pri
2021-06-24 06:54:35,369 [http-nio-8080-exec-6] DEBUG Search Role: R:FessVerwaltung=RFessVerwaltung
2021-06-24 06:54:35,371 [http-nio-8080-exec-6] DEBUG entryDn: CN=FessVerwaltung,OU=Group,DC=em,DC=pri
2021-06-24 06:54:35,372 [http-nio-8080-exec-6] DEBUG Search Role: 2:FessVerwaltung=2FessVerwaltung
2021-06-24 06:54:35,374 [http-nio-8080-exec-6] DEBUG entryDn: CN=Finanzen,DC=em,DC=pri
2021-06-24 06:54:35,375 [http-nio-8080-exec-6] DEBUG Search Role: 2:Finanzen=2Finanzen
2021-06-24 06:54:35,376 [http-nio-8080-exec-6] DEBUG entryDn: CN=Richtlinien-Ersteller-Besitzer,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,378 [http-nio-8080-exec-6] DEBUG Search Role: 2:Richtlinien-Ersteller-Besitzer=2Richtlinien-Ersteller-Besitzer
2021-06-24 06:54:35,379 [http-nio-8080-exec-6] DEBUG entryDn: CN=Domänen-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,380 [http-nio-8080-exec-6] DEBUG Search Role: 2:Domänen-Admins=2Domänen-Admins
2021-06-24 06:54:35,381 [http-nio-8080-exec-6] DEBUG entryDn: CN=Organisations-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,384 [http-nio-8080-exec-6] DEBUG Search Role: 2:Organisations-Admins=2Organisations-Admins
2021-06-24 06:54:35,386 [http-nio-8080-exec-6] DEBUG entryDn: CN=Schema-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:35,387 [http-nio-8080-exec-6] DEBUG Search Role: 2:Schema-Admins=2Schema-Admins
2021-06-24 06:54:35,389 [http-nio-8080-exec-6] DEBUG entryDn: CN=Administratoren,CN=Builtin,DC=em,DC=pri
2021-06-24 06:54:35,391 [http-nio-8080-exec-6] DEBUG Search Role: 2:Administratoren=2Administratoren
2021-06-24 06:54:35,393 [http-nio-8080-exec-6] DEBUG role: [2Domänen-Admins, 2Schema-Admins, 2Gäste, 2Finanzen, 2System Managed Accounts Group, 2Abgelehnte RODC-Kennwortreplikationsgruppe, RFessVerwaltung, 2Organisations-Admins, 1heinz.miller, 2FessVerwaltung, 2Administratoren, 2Richtlinien-Ersteller-Besitzer]
2021-06-24 06:54:35,399 [http-nio-8080-exec-6] DEBUG Commit transaction: [FormatId=4360, GlobalId=1624517003313/30, BranchId=]
2021-06-24 06:54:35,400 [http-nio-8080-exec-6] DEBUG #flow ...Calling back #finally for LoginAction
2021-06-24 06:54:35,402 [http-nio-8080-exec-6] DEBUG #flow ...Redirecting to /
2021-06-24 06:54:35,403 [http-nio-8080-exec-6] DEBUG
responseClass=org.apache.catalina.connector.ResponseFacade ; committed=true
; httpStatus=302 ; contentType=null ; locale=en_US
[header] Access-Control-Allow-Credentials=true
[header] Access-Control-Allow-Headers=Origin, Content-Type, Accept, Authorization, X-Requested-With
[header] Access-Control-Allow-Methods=GET, POST, OPTIONS, DELETE, PUT
[header] Access-Control-Allow-Origin=*
[header] Access-Control-Max-Age=3600
[header] Location=/
[header] Set-Cookie=JSESSIONID=CA2BDAA92F90C2F73AAD1D810A66B750; Path=/; HttpOnly
[request] VirtualHostValue=
[request] lastaflute.action.ACTION_RUMTIME=runtime:{/login/, public HtmlResponse LoginAction@login(LoginForm), pathParam:{{}}, HtmlResponse:{redirect:{/, INNER}}, display=[searchLogSupport, favoriteSupport, thumbnailSupport, popularWords]}
[request] lastaflute.action.FIRST_SUBMITTED_MARK=java.lang.Object@71b083aa
[request] lastaflute.action.USER_LOCALE=de
[request] lastaflute.config.ACTION_EXECUTE=execute:{public HtmlResponse LoginAction@login(LoginForm), urlPattern:{login, ^login$}}@1b6ab40c
[request] lastaflute.dbflute.SQL_COUNT={total=0}
[request] login_loginAction=org.codelibs.fess.app.web.login.LoginAction@2649e128
[request] login_loginAction_login_Form=VirtualForm:{formMeta:{login_loginAction_login_Form, org.codelibs.fess.app.web.login.LoginForm, props=3}, realForm=org.codelibs.fess.app.web.login.LoginForm@1303e2e6}@3213cb1e
[request] userRoles=[1guest, Rguest]
[session] lastaflute.action.USER_BEAN.FessUserBean={userId=heinz.miller, sync=2021/06/24 06:54:35}@3d740e60
[session] lastaflute.action.USER_LOCALE=de
* * * * * * * * * * {END}: /login/ [00m00s134ms]
2021-06-24 06:54:35,415 [http-nio-8080-exec-7] DEBUG * * * * * * * * * * {BEGIN}: /
requestClass=org.apache.catalina.connector.RequestFacade ; sessionId=CA2BDAA92F90C2F73AAD1D810A66B750
; url=http://centos8:8080/
; method=GET ; protocol=HTTP/1.1 ; scheme=http ; secure=false ; remoteAddr=192.168.110.101 ; remoteHost=192.168.110.101
; characterEncoding=UTF-8 ; contentLength=-1 ; contentType=null ; locale=de ; locales=de,en_US,en
[header] accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
[header] accept-encoding=gzip, deflate
[header] accept-language=de,en-US;q=0.7,en;q=0.3
[header] connection=keep-alive
[header] cookie=JSESSIONID=CA2BDAA92F90C2F73AAD1D810A66B750
[header] host=centos8:8080
[header] referer=http://centos8:8080/login/
[header] upgrade-insecure-requests=1
[header] user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0
[cookie] JSESSIONID=CA2BDAA92F90C2F73AAD1D810A66B750
[session] lastaflute.action.USER_BEAN.FessUserBean={userId=heinz.miller, sync=2021/06/24 06:54:35}@3d740e60
[session] lastaflute.action.USER_LOCALE=de
2021-06-24 06:54:35,417 [http-nio-8080-exec-7] DEBUG ...Routing to action: name=rootAction params=null
2021-06-24 06:54:35,419 [http-nio-8080-exec-7] DEBUG ...Saving user locale to session: de
2021-06-24 06:54:35,421 [http-nio-8080-exec-7] DEBUG #flow ...Calling back #before for RootAction
2021-06-24 06:54:35,422 [http-nio-8080-exec-7] DEBUG refresh user info: false
2021-06-24 06:54:35,424 [http-nio-8080-exec-7] DEBUG roleSet: [2Domänen-Admins, 2Schema-Admins, 2Gäste, 2Finanzen, 2System Managed Accounts Group, 2Abgelehnte RODC-Kennwortreplikationsgruppe, RFessVerwaltung, 2Organisations-Admins, 1heinz.miller, 2FessVerwaltung, 2Administratoren, 2Richtlinien-Ersteller-Besitzer]
2021-06-24 06:54:35,434 [http-nio-8080-exec-7] DEBUG Begin transaction: [FormatId=4360, GlobalId=1624517003313/31, BranchId=]
2021-06-24 06:54:35,436 [http-nio-8080-exec-7] DEBUG #flow ...Beginning #action RootAction@index()
2021-06-24 06:54:35,437 [http-nio-8080-exec-7] DEBUG Commit transaction: [FormatId=4360, GlobalId=1624517003313/31, BranchId=]
2021-06-24 06:54:35,439 [http-nio-8080-exec-7] DEBUG #flow ...Calling back #finally for RootAction
2021-06-24 06:54:35,443 [http-nio-8080-exec-7] DEBUG #flow ...Forwarding to #jsp /index.jsp
2021-06-24 06:54:35,459 [http-nio-8080-exec-7] DEBUG
responseClass=org.apache.catalina.connector.ResponseFacade ; committed=true
; httpStatus=200 ; contentType=text/html;charset=UTF-8 ; locale=en_US
[header] Cache-Control=no-cache, no-store
[header] Connection=keep-alive
[header] Content-Type=text/html;charset=UTF-8
[header] Date=Thu, 24 Jun 2021 06:54:35 GMT
[header] Expires=Thu, 01 Dec 1994 16:00:00 GMT
[header] Keep-Alive=timeout=60
[header] Pragma=no-cache
[header] Transfer-Encoding=chunked
[request] VirtualHostValue=
[request] adminUser=false
[request] as={}
[request] conditions={}
[request] developmentMode=false
[request] displayLabelTypeItems=false
[request] editableUser=false
[request] eoled=false
[request] extraQueries=[]
[request] facetInfo=FacetInfo [field=[label], query=[timestamp:[now/d-1d TO *], timestamp:[now/d-7d TO *], timestamp:[now/d-1M TO *], timestamp:[now/d-1y TO *], content_length:[0 TO 9999], content_length:[10000 TO 99999], content_length:[100000 TO 499999], content_length:[500000 TO 999999], content_length:[1000000 TO *], filetype:html, filetype:word, filetype:excel, filetype:powerpoint, filetype:odt, filetype:ods, filetype:odp, filetype:pdf, filetype:txt, filetype:fb2, filetype:epub, filetype:ibooks, filetype:rtf, ...
[request] favoriteSupport=false
[request] fess.FacetForm=
[request] fess.GeoForm=
[request] fess.LabelValueMap={}
[request] fields={}
[request] geoInfo=org.codelibs.fess.entity.GeoInfo@74f0b78a
[request] highlightInfo=org.codelibs.fess.entity.HighlightInfo@22d66d48
[request] installationLink=https://fess.codelibs.org/13.13/install/install.html
[request] labelTypeItems=[]
[request] langItems=[{value=all, label=Alle Sprachen}, {value=ar, label=Arabisch}, {value=bg, label=Bulgarisch}, {value=bn, label=Bengalisch}, {value=ca, label=Katalanisch}, {value=ckb_IQ, label=Zentralkurdisch (Irak)}, {value=cs, label=Tschechisch}, {value=da, label=Dänisch}, {value=de, label=Deutsch}, {value=el, label=Griechisch}, {value=en_IE, label=Englisch (Irland)}, {value=en, label=Englisch}, {value=es, label=Spanisch}, {value=et, label=Estnisch}, {value=eu, label=Baskisch}, {value=fa, label=Persisch}, {valu...
[request] languages=[]
[request] lastaflute.action.ACTION_RUMTIME=runtime:{/, public HtmlResponse RootAction@index(), pathParam:{{}}, HtmlResponse:{forward:{/index.jsp}}, display=[searchLogSupport, favoriteSupport, thumbnailSupport, popularWords, notification, developmentMode, installationLink, eoled, osddLink, labelTypeItems, displayLabelTypeItems, langItems, username, editableUser, adminUser, pageLoginLink]}
[request] lastaflute.action.PUSHED_ACTION_FORM=VirtualForm:{formMeta:{rootAction_index_Form, org.codelibs.fess.app.web.base.SearchForm, props=24}, realForm=org.codelibs.fess.app.web.base.SearchForm@57a73dd9}@77f4677f
[request] lastaflute.action.USER_LOCALE=de
[request] lastaflute.config.ACTION_EXECUTE=execute:{public HtmlResponse RootAction@index(), urlPattern:{, ^$}}@6babbc5f
[request] lastaflute.dbflute.SQL_COUNT={total=0}
[request] locale=de
[request] notification=
[request] osddLink=true
[request] pageLoginLink=true
[request] pageSize=10
[request] popularWords=[]
[request] rootAction=org.codelibs.fess.app.web.RootAction@269a9c40
[request] rootAction_index_Form=VirtualForm:{formMeta:{rootAction_index_Form, org.codelibs.fess.app.web.base.SearchForm, props=24}, realForm=org.codelibs.fess.app.web.base.SearchForm@57a73dd9}@77f4677f
[request] searchLogSupport=true
[request] startPosition=0
[request] thumbnailSupport=false
[request] type=SEARCH
[request] userRoles=[2Domänen-Admins, 2Schema-Admins, 2Gäste, 2Finanzen, 2System Managed Accounts Group, 2Abgelehnte RODC-Kennwortreplikationsgruppe, RFessVerwaltung, 2Organisations-Admins, 1heinz.miller, 2FessVerwaltung, 2Administratoren, 2Richtlinien-Ersteller-Besitzer]
[request] username=heinz.miller
[session] lastaflute.action.USER_BEAN.FessUserBean={userId=heinz.miller, sync=2021/06/24 06:54:35}@3d740e60
[session] lastaflute.action.USER_LOCALE=de
* * * * * * * * * * {END}: / [00m00s044ms]
2021-06-24 06:54:36,364 [pool-6-thread-1] DEBUG Group Filter: (|(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group))
2021-06-24 06:54:36,401 [pool-6-thread-1] DEBUG LDAP search[25ms]: cn=Users,dc=em,dc=pri - (|(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group)(objectCategory=group))
2021-06-24 06:54:36,402 [pool-6-thread-1] DEBUG groupDn: CN=Domänencomputer,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,403 [pool-6-thread-1] DEBUG Search Role: 2:Domänencomputer=2Domänencomputer
2021-06-24 06:54:36,404 [pool-6-thread-1] DEBUG groupDn: CN=Domänencontroller,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,406 [pool-6-thread-1] DEBUG Search Role: 2:Domänencontroller=2Domänencontroller
2021-06-24 06:54:36,407 [pool-6-thread-1] DEBUG groupDn: CN=Schema-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,421 [pool-6-thread-1] DEBUG Search Role: 2:Schema-Admins=2Schema-Admins
2021-06-24 06:54:36,423 [pool-6-thread-1] DEBUG groupDn: CN=Organisations-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,424 [pool-6-thread-1] DEBUG Search Role: 2:Organisations-Admins=2Organisations-Admins
2021-06-24 06:54:36,425 [pool-6-thread-1] DEBUG groupDn: CN=Zertifikatherausgeber,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,426 [pool-6-thread-1] DEBUG Search Role: 2:Zertifikatherausgeber=2Zertifikatherausgeber
2021-06-24 06:54:36,427 [pool-6-thread-1] DEBUG groupDn: CN=Domänen-Admins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,428 [pool-6-thread-1] DEBUG Search Role: 2:Domänen-Admins=2Domänen-Admins
2021-06-24 06:54:36,429 [pool-6-thread-1] DEBUG groupDn: CN=Domänen-Benutzer,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,430 [pool-6-thread-1] DEBUG Search Role: 2:Domänen-Benutzer=2Domänen-Benutzer
2021-06-24 06:54:36,431 [pool-6-thread-1] DEBUG groupDn: CN=Domänen-Gäste,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,432 [pool-6-thread-1] DEBUG Search Role: 2:Domänen-Gäste=2Domänen-Gäste
2021-06-24 06:54:36,433 [pool-6-thread-1] DEBUG groupDn: CN=Richtlinien-Ersteller-Besitzer,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,434 [pool-6-thread-1] DEBUG Search Role: 2:Richtlinien-Ersteller-Besitzer=2Richtlinien-Ersteller-Besitzer
2021-06-24 06:54:36,435 [pool-6-thread-1] DEBUG groupDn: CN=RAS- und IAS-Server,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,435 [pool-6-thread-1] DEBUG Search Role: 2:RAS- und IAS-Server=2RAS- und IAS-Server
2021-06-24 06:54:36,436 [pool-6-thread-1] DEBUG groupDn: CN=Zulässige RODC-Kennwortreplikationsgruppe,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,437 [pool-6-thread-1] DEBUG Search Role: 2:Zulässige RODC-Kennwortreplikationsgruppe=2Zulässige RODC-Kennwortreplikationsgruppe
2021-06-24 06:54:36,439 [pool-6-thread-1] DEBUG groupDn: CN=Abgelehnte RODC-Kennwortreplikationsgruppe,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,440 [pool-6-thread-1] DEBUG Search Role: 2:Abgelehnte RODC-Kennwortreplikationsgruppe=2Abgelehnte RODC-Kennwortreplikationsgruppe
2021-06-24 06:54:36,441 [pool-6-thread-1] DEBUG groupDn: CN=Schreibgeschützte Domänencontroller,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,442 [pool-6-thread-1] DEBUG Search Role: 2:Schreibgeschützte Domänencontroller=2Schreibgeschützte Domänencontroller
2021-06-24 06:54:36,443 [pool-6-thread-1] DEBUG groupDn: CN=Schreibgeschützte Domänencontroller der Organisation,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,444 [pool-6-thread-1] DEBUG Search Role: 2:Schreibgeschützte Domänencontroller der Organisation=2Schreibgeschützte Domänencontroller der Organisation
2021-06-24 06:54:36,445 [pool-6-thread-1] DEBUG groupDn: CN=Klonbare Domänencontroller,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,446 [pool-6-thread-1] DEBUG Search Role: 2:Klonbare Domänencontroller=2Klonbare Domänencontroller
2021-06-24 06:54:36,447 [pool-6-thread-1] DEBUG groupDn: CN=Protected Users,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,448 [pool-6-thread-1] DEBUG Search Role: 2:Protected Users=2Protected Users
2021-06-24 06:54:36,449 [pool-6-thread-1] DEBUG groupDn: CN=Schlüsseladministratoren,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,450 [pool-6-thread-1] DEBUG Search Role: 2:Schlüsseladministratoren=2Schlüsseladministratoren
2021-06-24 06:54:36,450 [pool-6-thread-1] DEBUG groupDn: CN=Unternehmenssschlüsseladministratoren,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,451 [pool-6-thread-1] DEBUG Search Role: 2:Unternehmenssschlüsseladministratoren=2Unternehmenssschlüsseladministratoren
2021-06-24 06:54:36,453 [pool-6-thread-1] DEBUG groupDn: CN=DnsAdmins,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,454 [pool-6-thread-1] DEBUG Search Role: 2:DnsAdmins=2DnsAdmins
2021-06-24 06:54:36,455 [pool-6-thread-1] DEBUG groupDn: CN=DnsUpdateProxy,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,456 [pool-6-thread-1] DEBUG Search Role: 2:DnsUpdateProxy=2DnsUpdateProxy
2021-06-24 06:54:36,457 [pool-6-thread-1] DEBUG groupDn: CN=DHCP-Benutzer,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,458 [pool-6-thread-1] DEBUG Search Role: 2:DHCP-Benutzer=2DHCP-Benutzer
2021-06-24 06:54:36,460 [pool-6-thread-1] DEBUG groupDn: CN=DHCP-Administratoren,CN=Users,DC=em,DC=pri
2021-06-24 06:54:36,461 [pool-6-thread-1] DEBUG Search Role: 2:DHCP-Administratoren=2DHCP-Administratoren
2021-06-24 06:54:36,463 [pool-6-thread-1] DEBUG role(lazy loading): [2Domänen-Admins, 2Schreibgeschützte Domänencontroller der Organisation, 2Zertifikatherausgeber, RFessVerwaltung, 2Domänencontroller, 2FessVerwaltung, 2DnsUpdateProxy, 2Zulässige RODC-Kennwortreplikationsgruppe, 2Schema-Admins, 2DHCP-Administratoren, 2Domänen-Benutzer, 2Organisations-Admins, 2Klonbare Domänencontroller, 2Unternehmenssschlüsseladministratoren, 2RAS- und IAS-Server, 2Schlüsseladministratoren, 2Domänencomputer, 2Richtlinien-Ersteller-Besitzer, 2Finanzen, 2System Managed Accounts Group, 2DnsAdmins, 2Domänen-Gäste, 2Protected Users, 2DHCP-Benutzer, 2Administratoren, 2Gäste, 2Abgelehnte RODC-Kennwortreplikationsgruppe, 1heinz.miller, 2Schreibgeschützte Domänencontroller]
2021-06-24 06:54:38,953 [http-nio-8080-exec-4] DEBUG * * * * * * * * * * {BEGIN}: /admin/crawlinginfo/