Forum Discussion
NimbostratusAuthenticating trusted domain users
Hello,
I have two domains, Domain1.com which is our internal domain, and a trusted domain domain2.com. I am trying to set up APM to authenticate users from domain2, and have it query a group on domain1, which the domain2 users is a member of.
I have been able to authenticate a domain2 user, but it goes to that domains DC's (domain2), instead of domain1, which it should be able to authenticate with. Also when I run an AD query, it looks to query against domain2, when Domain1 has the membership I am looking for.
Any ideas how to get it to authenticate against Domian1, or at the very least get it to query for the group membership on Domain1?
Thanks!
3 Replies
Seth_CooperEmployee
Can you please give a little bit more detail on how you have the VPE setup and what AAA objects you are pointing at in the AD Auth and AD Query?
Seth
Keith_Fox_15580I only have AAA for domain1, the VPE is setup for cross domain support. It is authenticating, to domain2, I just need it to look for groups in Domain1 which I have control of, instead of domain2 which I have no access to.
- Keith_Fox_15580
Does anybody have any idea on this?
Basically because the trusted domain I don't have access to, and I am adding the user in the trusted domain to one of our local domain groups, I need to have the query look for the user in the group, not check to see if it is a member of the group, or it appears that is what I need. I am just not sure of the correct ad query I need to enter to perform this task, or if it is even possible.
