Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1566
Views
1
Helpful
1
Replies

ACS 5.4 Join AD: joining user is part of other domain in forest

LarsNils_2
Level 1
Level 1

‎11-08-2013 09:19 AM - edited ‎03-10-2019 09:04 PM

We have a AD structure where we have xxx.se in the top and under that aaa.xxx.se ,bbb.xxx.se and ccc.xxx.se

Now  I want to join the ACS 5.4 to xxx.se but the user doing the join has his user account in aaa.xxx.se

The user has permissions in AD to create computer objects in xxx.se

On windows this is no big problem , create a computer account and specify that user@aaa.xxx.se can do the join

and then specify user + domain in the standard ways, either user@aaa.xxx.se or aaa\user when doing the join on the PC.

But how can I specify this when using join in ACS ?

The \ way gives:    

Failed During Join [Invalid Active Directory credentials]

and @ way:

Failed During Join [Error while configuring Active Directory: Error:  (Kerberos) : Malformed representation of principal due to unexpected  configuration or network error.Please try the --verbose option or run  'adinfo --diag' to diagnose the problem.Join to domain 'xxx.se',  zone 'null' failed.]

My ACS version is:   5.4.0.46.5

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents