AD Trust relationship - Authentication

The 1C:Enterprise developers forum

Pages: 1

David SAUVETRE	#1 People who like this: 0 Yes / 0 No Mar 17, 2014 03:38 PM
Just came Rating: 0 Joined: Mar 17, 2014 Company: BIO-RAD	Hi All, We are planning to create a trust relationship between AD1 (where are located the current 1C users) and AD2. Then, we will create all the users in the Active Directory 2 (AD2). Could you please confirm that we will be able to switch from AD1 users to AD2 users for authentication? Thanks for your feedback. David

Timofey Bugaevsky	#2 People who like this: 0 Yes / 0 No Mar 18, 2014 12:41 AM
Timofey Bugaevsky Guest Joined: Company:	If the domain name remains the same for users? Anway, I believe, it's always better to test before appying drammatic changes...

David SAUVETRE	#3 People who like this: 0 Yes / 0 No Mar 18, 2014 01:11 AM
Just came Rating: 0 Joined: Mar 17, 2014 Company: BIO-RAD	The purpose of the trust relationship is to have 2 different domains (AD1 and AD2). Would it be possible to have some users authenticated with AD1 or some other with AD2? Thanks David

Timofey Bugaevsky	#4 People who like this: 0 Yes / 0 No Mar 18, 2014 05:16 AM
Timofey Bugaevsky Guest Joined: Company:	To allow an access in MS Windows domain, you specify domain and user name, so they will stay in previous domain. To allow an access in the new domain you will need to add new users and specify access for them for new domain.

David SAUVETRE	#5 People who like this: 0 Yes / 0 No Mar 18, 2014 02:07 PM
Just came Rating: 0 Joined: Mar 17, 2014 Company: BIO-RAD	Hi Timofey Just for confirmation: Let's say I have 2 users existing in my current Active Directory AD1 (DOMAIN1): DOMAIN1\Aleksey DOMAIN1\Serguey In another Active Directory AD2 (DOMAIN2, I recreate one of the users: DOMAIN2\Aleksey Then if I create a trust relationship between AD1 and AD2, does it mean that it would be possible to change DOMAIN1\Aleksey by DOMAIN2\Aleksey and keep DOMAIN1\Serguey at the same time? Sergey would then keep authenticate against AD1 and Aleksey would authenticate against AD2. Is it correct? Thanks David.

Timofey Bugaevsky	#6 People who like this: 0 Yes / 0 No Mar 18, 2014 10:58 PM
Timofey Bugaevsky Guest Joined: Company:	I'm sorry, David, but I'm not sure, if a server an be in both domains? Try to check in the following way: if all three users are accessible on the server where 1C:Enterprise servier is installed, then, I suppose, you can create all three users. See the screenshot, it shows how an operating system user can be assigned to user of 1C:Enterprise. Attached Files Download user.png (14.89 KB)

David SAUVETRE	#7 People who like this: 0 Yes / 0 No Mar 19, 2014 01:02 AM
Just came Rating: 0 Joined: Mar 17, 2014 Company: BIO-RAD	Hi Timofey, In our case, the 1C server is on DOMAIN1. The challenge is to know if it would be possible to specify \\DOMAIN2\Aleskey (so that the user authenticate via the AD2) thanks to the trust relationship between the two domains. Would you know anyone who could have been through that type of configuration? Thanks. David

Timofey Bugaevsky	#8 People who like this: 0 Yes / 0 No Mar 19, 2014 03:29 AM
Timofey Bugaevsky Guest Joined: Company:	Try to share a folder to user in domain2 on that server first. If you could, think, you might be able to select that user in OS authentication.

David SAUVETRE	#9 People who like this: 0 Yes / 0 No Apr 08, 2014 02:36 PM
Just came Rating: 0 Joined: Mar 17, 2014 Company: BIO-RAD	Thanks Timofey. It worked. After setting the trustrelationship between the 2 domains, we are now able to work with an account from one AD or from the other one.

Timofey Bugaevsky	#10 People who like this: 0 Yes / 0 No Apr 08, 2014 10:24 PM
Timofey Bugaevsky Guest Joined: Company:	Thanks for sharing, David.

Subscribe

Pages: 1

Users browsing this topic (guests: 4, registered: 0, hidden: 0)