Windows Cross Domain SSO

2013-03-08 Thread John Baker
Nathan

> DomainA trusts DomainB and not vice-versa. So DomainA is trusting
> domain and DomainB the trusted domain.
>
> With this, can I
> 1. use DomainB\user0 user to log on to a machine added to DomainA

I think so, as the machine is in DomainA and DomainA trusts DomainB.

> 2. access a service

Re: Windows Cross Domain SSO

2013-03-07 Thread Nathan Brandt
Thanks John.

I have made a setup like this
DomainA (forest)DomainB(forest)

DomainA trusts DomainB and not vice-versa. So DomainA is trusting domain and DomainB the trusted domain.

With this, can I
1. use DomainB\user0 user to log on to a machine added to DomainA
2. access a service on DomainA

Windows Cross Domain SSO

2013-03-06 Thread John Baker
Hello,

If two domains are in a trust relationship, you can configure a product to authenticate NTLMv2 tokens against one and it'll handle tokens from the second domain. Unfortunately, AtriumSSO is the OpenSSO/AM product with a BMC badge and has no Integrated Windows Authentication module, and to m

Re: Windows Cross Domain SSO

2013-03-05 Thread Steve Kallestad
Kerberos throws a whole different monkey wrench in the mix. You could do it with a one way forest trust where Domain B trusts Domain A's authentication, assuming the two domains are part of the same forest. If they are not part of the same forest, you can create an external trust, but an external

Re: Windows Cross Domain SSO

2013-03-05 Thread Nathan Brandt
I am basically looking for answers to the questions asked here
http://stackoverflow.com/questions/13746669/spnego-cross-domain-configuration

I am planning to use Atrium SSO 8.0 with ARS 8.0 setup to get this working.

~Nathan

On Wed, Mar 6, 2013 at 8:41 AM, Nathan Brandt wrote:
> Steve,
>
> It

Re: Windows Cross Domain SSO

2013-03-05 Thread Nathan Brandt
Steve,

It is not only about authentication. For Windows Desktop SSO to work, Kerberos/NTLM tokens have to be passed around. My question is more related to that.

You are right about authentication, I can just specify one or more AD servers in domain A (if it is a forest) in AREA configuration and a

Re: Windows Cross Domain SSO

2013-03-05 Thread Steve Kallestad
The way you worded this reminds me entirely too much of the old MCSE exams. :)

In actuality, you don't really need to do anything. You can configure AREA to authenticate from any given AD server, it does not need to reside in your domain.

Thanks,
Steve

On Tue, Mar 5, 2013 at 6:58 PM, Nathan Bra

Windows Cross Domain SSO

2013-03-05 Thread Nathan Brandt
Suppose I have a setup where all ARS users reside in domain A and AR Installation (mid-tier, AR Server and Db) are in domain B. In order to achieve SSO (Integrated Windows Authentication) for users in domain A against mid-tier in domain B what are the pre-requisites in terms of domain trusts? ~Na