Type Public
Category Configuration
Subject Cross-Domain User Authentication/Multi-Forest User Authentication

Cross-Domain User Authentication/Multi-Forest User Authentication


You can download the full FAQ with screenshots by following the link below:

ftp://ftp.tridia.com/download/iTivity/docs/cross-domain-auth.docx

The article, less the screenshots, can be read below:

This how-to explains how to set up cross-domain user authentication, sometimes also referred to as multi-forest user authentication, under iTivity iServer 7.0.00 and earlier. The solution uses the local built-in security group ‘Backup Operators’ to grant additional privileges to users who are members of the security group iTivityServerUsers. Note that other groups cannot be added as members of a local built-in security group; Windows does not allow it.

DOMAIN CONTROLLERS
This example uses TWO domain controllers:
DNS: itdc1.tridia.com – DOMAIN: itdc1.local – EXTERNAL IP: 104.185.31.21 – INTERNAL IP: 10.142.0.10
DNS: itdc2.novpn.com – DOMAIN: itdc2.local – EXTERNAL IP: 35.185.41.134 – INTERNAL IP: 10.142.1.50
Each domain controller has one or more host clients joined to it.
Each domain controller is running Windows 2012 R2.
A two-way transitive trust has been established between the two domain controllers.

HOST WINDOWS CLIENTS
Each domain controller has one or more host Windows clients joined to it. Each domain controller is on a separate network and each host Windows client is connected to its domain controller on the domain controller’s network. That is, there are two separate networks and each host client is on the physically separate network associated with its own domain controller. Each network is behind a firewall, and the firewall has DHCP and NAT configured. Below are the Windows host clients used in the network.
NetBIOS name – domain – domain controller
itcl1 – joined to itdc1.local domain – itdc1.tridia.com is its domain controller
itcl2 – joined to itdc2.local domain – itdc2.novpn.com is its domain controller

CREDENTIALS USED
First domain controller: itdc1.tridia.com has user itdc1user
Second domain controller: itdc2.novpn.com has user itdc2user

GROUP MEMBERSHIP USED
itdc1user is a member of the following groups:
iTivityServerUsers on domain controller itdc1.tridia.com
Backup Operators on domain controller itdc1.tridia.com
Backup Operators on domain controller itdc2.novpn.com

itdc2user is a member of the following groups:
iTivityServerUsers on domain controller itdc2.novpn.com
Backup Operators on domain controller itdc2.novpn.com
Backup Operators on domain controller itdc1.tridia.com
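
One way to confirm that the group membership listed above is in place, and that nothing else has ended up in Backup Operators on either domain controller, is the PowerShell audit below. It is an added example, not part of the original Tridia article; it assumes the ActiveDirectory module (RSAT), an account that can read both domains across the trust, and that iTivityServerUsers is a domain group in each domain.

```powershell
# Added example, not from the original article. Requires the ActiveDirectory
# module (RSAT) and an account that can read both domains over the trust.
Import-Module ActiveDirectory

$BackupOperators = 'S-1-5-32-551'   # well-known SID of BUILTIN\Backup Operators

# Layout from the article; treating iTivityServerUsers as a domain group is an assumption.
$expected = @(
    @{ User = 'itdc1user'; HomeDomain = 'itdc1.local'; RemoteDomain = 'itdc2.local' },
    @{ User = 'itdc2user'; HomeDomain = 'itdc2.local'; RemoteDomain = 'itdc1.local' }
)

function Get-DirectMember {
    param([string]$Group, [string]$Server)
    # Read the 'member' attribute and resolve each DN in that domain, so users
    # from the trusted domain show up as foreignSecurityPrincipal objects.
    $g = Get-ADGroup -Identity $Group -Server $Server -Properties member
    foreach ($dn in $g.member) {
        $o = Get-ADObject -Identity $dn -Server $Server -Properties objectSid
        [pscustomobject]@{ Sid = $o.objectSid.Value; Class = $o.ObjectClass; DN = $dn }
    }
}

$allowed = @{}   # domain -> SIDs the article places in Backup Operators there
foreach ($e in $expected) {
    $sid = (Get-ADUser -Identity $e.User -Server $e.HomeDomain).SID.Value
    $targets = @(
        @{ Group = 'iTivityServerUsers'; Domain = $e.HomeDomain },
        @{ Group = $BackupOperators;     Domain = $e.HomeDomain },
        @{ Group = $BackupOperators;     Domain = $e.RemoteDomain }
    )
    foreach ($t in $targets) {
        $found = @(Get-DirectMember -Group $t.Group -Server $t.Domain |
                   Where-Object { $_.Sid -eq $sid })
        $state = if ($found.Count -gt 0) { 'OK' } else { 'MISSING' }
        '{0,-8} {1} in {2} on {3}' -f $state, $e.User, $t.Group, $t.Domain
        if ($t.Group -eq $BackupOperators) { $allowed[$t.Domain] += @($sid) }
    }
}

# Backup Operators holds the backup and restore privileges on a domain
# controller, so list every direct member the layout above does not cover.
foreach ($domain in $allowed.Keys) {
    Get-DirectMember -Group $BackupOperators -Server $domain |
        Where-Object { $allowed[$domain] -notcontains $_.Sid } |
        ForEach-Object { 'UNEXPECTED {0} ({1}) in Backup Operators on {2}' -f $_.Sid, $_.Class, $domain }
}
```

Only direct members are inspected; the SID S-1-5-32-551 is used instead of the group name so the lookup does not depend on the display language of the server.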