cjunior_138458
May 23, 2016Altostratus
AAA - Active Directory with user that resides in another domain in trust
Hi,
We have few domains and we expect to use an unique AD account to query the servers. So, we try to configure AAA server AD with an user that resides in a specific domain name.
I know its possible with LDAP setting, but we need some AD setting advantages, specially for password changes.
Example:
AD
Domain name: domain1.net
Domain controller: adsrv1.domain1.net
Admin name: user_bigip
AD
Domain name: domain2.net
Domain controller: adsrv2.domain2.net
Admin name: user_bigip@domain1.net
AD
Domain name: domain3.net
Domain controller: adsrv3.domain3.net
Admin name: user_bigip@domain1.net
The result is that the Big-IP tries to query the bind with user_bigip@domain1.net@domain2.net
With user name in old format (Domain\Username), Big-IP ignore back slash. e.g. domain1.netuser_bigip@domain2.net
Is it possible to do? Could you give me some direction?
Thanks in advance.