Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Authentication two domains

Status
Not open for further replies.
FidlerNL

FidlerNL

Technical User
Nov 13, 2009
2
NL
I have a setup with a Cisco ASA 5505 which makes a VPN with AD authentication.

Just recently my company joined with another company and I need to extend the AD authentication to their domain too.

I allready created a trust between the domains but the users from the second domain could not authenticate..

It looks like the ASA is only checking the original domain.

I need some help with this.
 
Sort by date Sort by votes
can you post a config and topology?

Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
Unfortunately I do not have access to the ASA, it is managed by another party.

They are supposed to make the change to make it possible to authenticate from two (trusted) domains but they are a bit slow.

The situation is as follows :
domain A has a sharepoint portal. This portal site can be accessed localy and remote. The local connection is managed by granting access on the Sharepoint side, to groups and individuals.
External access is managed bij the ASA, a login page is presented and user log in with their domain username and password. They do not have to specify their domain. The accounts are member of a Global Security Group wich has been granted acces at the Sharepoint portal administration site.

Recently our company has taken over another company with their own domain, Domain B. A trust between the domains has been created.
Users from Domain B have been granted access on the sharepoint portal and if the access it locally the need to login with their domain account. This works without problems. Als tested it with groups, this works also and users don't have to login anymore.
However, if the users from Domain B want to access the site externally they don't get access.
Tried logging in with and without the the full domain names but no access.

It looks like the ASA is configured to only check in Domain A. Users from Domain B don't have an account there and cannot be authenticated.
 
Upvote 0 Downvote
Are you using LDAP authentication or RADIUS?? If RADIUS are you using IAS??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Spork52
  • Locked
  • Question
Is this secure? Serving content from two servers with SSL
Replies
3
Views
152
ChrisHirst
ChrisHirst
barbastica
  • Locked
  • Question
Cisco PIX Fierwall- SSH authentication question
Replies
0
Views
119
barbastica
barbastica
dieter2
  • Locked
  • Question
tmg authentication
Replies
0
Views
79
dieter2
dieter2
basball
  • Locked
  • Question
How to connect between two different subnets on the same router?
Replies
0
Views
103
basball
basball
HopnDude
  • Locked
  • Question
Two Firewalls on 1 VM running 2 VE with 2-2 Port Gigabit NIC's. Doable?
Replies
1
Views
90
nblount
nblount

Part and Inventory Search

Sponsor

Back
Top