Web2 Authenitcation ignoring user Role


Have an issue with authentication/roles on Web2 - basically, my user getting assigned admin permissions and his role seems to be ignored.

I’ve got AD enabled Web2 interface (users & groups coming from AD) when testing as user t2dnowak (who is member of group ACL_MGMT_IC2_ACCESS) I’m getting assigned admin permissions (can do/view everything in Web2) where should be limited (as per role Standard Users)

My roles file:

Roles from GUI

Confirmation that user t2dnowak (from AD is a member of group)

What user dnowak can view:

Am I correct that this user should not have an access to things like Configuration etc? Why it’s getting an Admin ?

Some technical details:

  • OS RHEL 7
  • Icingaweb2 2.7.1 / httpd 2.4.6 / PHP 5.4.16
  • Icinga2 v2.10.5


logout and login again did not change anything?

Besides a note on PHP - 5.4 is too old, I would believe you’re running on SCL packages already. You are using the icingaweb2 rpm package from packages.icinga.com right?


Hi Michael,

Logout did not make any difference. Same ex. removing/adding user to group or trying on any other AD based user.

Yes it’s running on official packages from packages.icinga.com

Apologies for misslead on PHP - it took system version, Icingaweb2 running on SCL PHP 7.1