Solved: Re: AD: cannnot login using the user existed in the other AD

naoki_Japan · ‎10-18-2021

I configured two-way trusted relationship between windows Active Directly A and B.

B has computer information and A has user and password information.

Test PC belongs to B domain, and I tried logging into the PC using the user information registered in A domain controller.

However, the user cannot be found.

In the contrary, on ISE, I can retrieve the attribute of the user in A AD from B AD, which I assume means the two-way trusted relationship can be configured correctly.

Then, why can not the test PC in B domain login using the user information in A AD?

Marcelo Morais · ‎10-18-2021

Hi @naoki_Japan ,

please 1st take a look at Policy > Policy Sets > select your policy > at Authentication Policy check the Use:

2nd at Administration > Identity Management > Identity Source Sequences > select your identity and double check the configuration.

3rd at Administration > Identity Management > External Identity Sources > Active Directory > select your AD > Advanced Settings tab > check the Identity Resolution configuration:

4th at Whitelisted Domains tab double check the Authenticate column.

Hope this helps !!!

View solution in original post

Marcelo Morais · ‎10-18-2021