Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
737
Views
0
Helpful
3
Replies

ACS and two Windows Active Directory Domains

ursshared
Level 4
Level 4

‎01-28-2009 03:15 PM - last edited on ‎03-25-2019 05:25 PM by Community Manager

Can one ACS server authenticate users against two different AD domains? The server is a member server of one domain. We are not able to enumerate the groups from the second domain. There is a two way trust between the domains.

Labels:
0 Helpful
3 Replies 3

Ivan Martinon
Level 7
Level 7

‎02-02-2009 05:59 PM

Is there a 2 way trust with the two domains, have you checked that the user that ACS uses to read and query the Domains lies on both domains and has read privileges?

0 Helpful

frbilbrey
Level 1
Level 1

‎03-05-2009 03:43 PM

We authenticate multiple domains like this, We have a proxy domain that contains the acs remote agents. The proxy domain trusts the domains to be authenticated against. In ACS you will be able to see all of the domains that the proxy trusts. When you go about mapping domain groups to acs groups you have to manually add the group name. ACS can enumerate the group to authenticate users, but ACS cannot seem to traverse multiple domains during the setup phase. Hope this helps.

Bob

0 Helpful

aneelaka
Level 1
Level 1
In response to frbilbrey

‎03-06-2009 03:12 PM

are the users in multiple groups in the multiple domains, if so mapping should be done differently than you would if users were in a single group so that users are properly mapped to a group

0 Helpful
Customers Also Viewed These Support Documents