
Error retrieving AD groups from non local domain

Status
Not open for further replies.

deb13

Technical User
Nov 20, 2003
49
GB
BOXI R2 - Windows Server 2003

We use AD authentication and single sign on - our local domain with mapped groups works fine. We have recently merged with another company who still have their own domain. Their domain is a trusted domain on our network and I have been able to add foreign domain\domain users in the authentication tab.

foreign domain\domain users appears in the groups option and I can browse the list of users. However, if I try and view the properties of the user I get the following message:

"There was an error while retrieving data from the server: Active Directory Authentication failed to get the Active Directory groups for the account with ID "A181C0F8EF65794FACA0CDC52999A711:ABA". Please make sure this account is valid and belongs to an accessible domain."

Also, when a user from the foreign domain tries to log on with single sign on using AD authentication, they get this message:

"The Active Directory Authentication plugin could not authenticate at this time. Please try again. If the problem persists please contact your technical support department."

This gives them a log on box and if they change the authentication to Enterprise then they get logged in. I presume this means that when the group was added, CE aliases were created.

Have any of you guys any idea why the AD authentication might not be working - I look forward to hearing from you.

Thanks

Deb
Sheffield, UK

 
We had the same problem about 18 months ago: a smaller business unit on a different WinAD domain could not be used for WinAD SSO into InfoView.

BOBJ's response was that different WinAD Domains needed to be part of the same WinAD Forest.

If they are not part of the same WinAD Forest then BOE-XI (R2) cannot synch to them.

Our solution was to create Enterprise-only users and groups to support that small business unit.

The other option was to have the WinAD administrators merge the two Domains under a single Forest - but that was a decision that would need to be made waaaaaaay above my pay-grade.
 