Symantec Identity Management

Expand all | Collapse all

IM - Authenticate against AD Global Catalog

Jump to Best Answer
  • 1.  IM - Authenticate against AD Global Catalog

    Posted 12 days ago
    Hi Team

    We have Identity Suite vApp with IM and IP. We are currently provisioning to a single AD domain and IM is also configured for user authentication against this domain.
    We now wish to introduce a second AD domain in the same forest. So we will acquire this as a new endpoint and provision certain users to it.

    But we want to allow users in both domains authenticate to IM with their AD credentials. I understand that you can only configure one AD for authentication in the IM management console. But can I configure that AD to be the global catalog (i.e. port 3269)? That way it would find users in both domains.

    Thanks

    Pearse


  • 2.  RE: IM - Authenticate against AD Global Catalog
    Best Answer

    Posted 8 days ago

    You can try but disable the password update which could be triggered by the authentication module.  What version are you on?  Find "DisableADPasswordPropagation"

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/advanced-settings/manage-authentication-module-properties.html

    Once this is done test your authentication again.  If this does not work I suggest you open an ideation (top menu and click "ideation).  Thank you.



    ------------------------------
    Best regards,

    Scott Owens
    Sr Support Engineer

    ------------------------------
    And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.

    Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at enterprisestudio@hcl.com. https://www.hcltech.com/enterprise-studio
    ------------------------------
    ------------------------------