Active Directory Domain Trust(s)
-
ROFL.
-
Well, I've been successful at establishing a one was external trust between my test domain and production domain. I was able to grant permissions on file shares to users across the trust and authenticate successfully. However, I cannot get the application in question (the reason for the trust) to authenticate via an account across the trust. I believe this is due to the way the application is querying AD (it's doing an LDAP lookup with a base of our production domain). So, this may not be an option after all...which I'm OK with.
We are considering one of two options:
- Continuing to enforce the Password Self Service portal
OR
- Configuring accounts for each agency so that someone technical on their end has restricted access to their respective OU. This would allow them to reset passwords and create/delete accounts for their respective organization (with oversight from us, of course).
I'm trying to push my boss towards option 1, but the decision is really up to him.
-
for the username on the application, have you tried domain\username or [email protected]?
-
@Dashrender said:
for the username on the application, have you tried domain\username or [email protected]?
I did try [email protected], but I did not try domain\username. I'll give that a shot.
-
@anthonyh said:
@Dashrender said:
for the username on the application, have you tried domain\username or [email protected]?
I did try [email protected], but I did not try domain\username. I'll give that a shot.
No go unfortunately. I'm going to ask the vendor if the app supports SAML based authentication. I'm pretty sure the answer is going to be no, but it's worth an ask.
