Keith_Fox_15580
Mar 25, 2015

Authenticating trusted domain users

Hello,

I have two domains: Domain1.com, which is our internal domain, and a trusted domain, domain2.com. I am trying to set up APM to authenticate users from domain2, and have it query a group on domain1, which the domain2 users are members of.

I have been able to authenticate a domain2 user, but it goes to that domain's DCs (domain2), instead of domain1, which it should be able to authenticate with. Also, when I run an AD query, it looks to query against domain2, when Domain1 has the membership I am looking for.

Any ideas how to get it to authenticate against Domain1, or at the very least get it to query for the group membership on Domain1?

Thanks!

3 Replies

  • Can you please give a little bit more detail on how you have the VPE set up and what AAA objects you are pointing at in the AD Auth and AD Query?

    Seth

  • I only have AAA for domain1; the VPE is set up for cross-domain support. It is authenticating to domain2; I just need it to look for groups in Domain1, which I have control of, instead of domain2, which I have no access to.

  • Does anybody have any idea on this?

    Basically, because I don't have access to the trusted domain, and I am adding the user in the trusted domain to one of our local domain groups, I need to have the query look for the user in the group, not check to see if it is a member of the group, or it appears that is what I need. I am just not sure of the correct AD query I need to enter to perform this task, or if it is even possible.