Hi,
I have setup Microsoft Active Directory on iDRAC 7 with very basic options (no certificates, no Single Sign-On, no Kerberos Keytab, Standard Schema). All works well.
The problem is that we have 2 forests with full trust configured between them and iDRAC is not able to authenticate users from both of them.
Basically we have single domain security group on Forest1 and couple users from both forests (Forest1 and Forest2). If I add domain controllers' (DC) IPs for both domains-forests, authentication fails on the first DC if user is from different domain (check does not reach second DC's IP to check for the user). Error I get:
ERROR: bind failed: Invalid credentials, 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0: user=test@comp.local host=192.168.0.1.
test@comp.local - Forest1 user
192.168.0.1 - Forest2 DC IP
Does iDARC support AD authentication for users from couple separate forests?
Thanks