Using v 8.1.1. I have my One Identity install in one domain and all my users have AD accounts in another (synced) domain and there is no trust between them. I was thinking of putting the Web Portal in the untrusted domain where all the users are so that the users can Authenticate to the Web Portal with their credentials from that domain. (Just putting the untrusted user domain in the Authentication Domains config parameter doesn't work). I think this may work but one requirement that is likely to cause problem is that the users need to be in the SQL Role basegroup. Since the domains are untrusted, the web portal users cannot be put into this role. This got me thinking how the oauth authenticator would work then when the accounts aren't in the domain either so how can they be in the basegroup role? Will putting the web portal in a different domain for authentication purposes work?
- Products
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities