07-17-2019 10:51 PM
Hi,
We wanted to configure the second realm in our proxy to authenticate users from a different domain(separate AD forest). Can you please provide the necessary information and help to configure the same?
Keyur
07-18-2019 06:12 AM
Hi Keyur,
Are you asking about how to create second realm or how to make use of it?
The tricky part is making use of it.
In your identification profile, you should make use of the more specific realm, for specific networks.
You need to define specific networks authenticated by the realm. And the rest will be authenticated by the second realm.
So , you first need your scope of which subnet should be authenticated against which realm.
Hope that helps.
Kind regards
Sadik
07-18-2019 10:20 PM
07-18-2019 11:33 PM
Hi Keyur,
It is possible.
So your key point will still be to create a matrix , which subnets will be authenticated against which realms.
If you're expecting WSA to query both realms and find the user belongs to which one, its not gonna work.
You should point WSA which domain to check.
Hope this helps
Sadik
07-19-2019 01:58 AM
Hi Sadik,
We have a scenario like employees of two different companies(ex. company A and Company B) that are on the same premises and on the same subnet. Realm for company A was already created on WSA and it was working fine. Now we have to create the second realm for Company B employees on the same WSA. But the problem is the AD's of both companies are in a different forest. so it is possible? if yes please suggests the steps for doing the same.
Regards,
Keyur
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide