cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LDAP integration with AD with trusted relationship

Hello.

We are implementing the solution at customer and have the following question.

they have 2 main domains (domain one, domain two). These domains are working with AD trusted relationship to access internal applications. So users from domain one, can access to applications using domain two using their domain usernames. Also groups can be created using both domain forests.

So the question is, if we do an CSS integration to LDAP domain two, will users from domain one have access to the system? Or does CSS support integration with AD forests supporting Trusted relationship technology? If yes, what is the correct way to configure it.

Thanks

P.S:Sorry for my English(

3 REPLIES 3

adam_piotrowicz
Dynatrace Pro
Dynatrace Pro

No.

Each CSS can be integrated with only one LDAP and each CAS server can use only one CSS to search users.

Integration with more than one LDAP would be a Product Idea.

Hi Adam,

Thanks for your reply. Another question relating your reply:

And if we have CAS on cluster can we develop 2 different CSS, one for each cluster and ask part of users (from one domaint) user 1 cas, the the second part use the second CAS?

Thanks


Yes, this should work, each domain would have access separately to each of CASes. But you should be able to connect DMIs from both CASes to get visibility into whole set of data.

I haven't heard about such setup so you're more than welcome to test it and share results.