Skip to Content
avatar image
Former Member

AD authentication for domain in another forest- XI R2

Situation:

- Windows 2003

- BOXI R2 (tomcat)

- 2 domains (in different forest)

- trust between the two domains

We have succesfully installed the AD-authentication plugin for domain1.

To work around for domain2, we've added users from domain2 inside a group of domain1, but these users are not shown inside the CMC when we import the AD-group.

Can we use the LDAP plugin for the domain2? What should be the procedure?

If found a similar question on this forum from one month ago, where they were talking about BO3 SP1, which will support multiple forest. But not really a solution the could help me out now.

Please advise

Thanks in advance!

Quinten

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    Sep 03, 2008 at 02:20 PM

    In XIR2 we cannot map in groups that contain users from 2 different forests. To work around this we could use LDAP to AD, but there are a few limitations.

    If you want to upgrade the version that should contain this will hopefully be out by the end of this month XI 3.1 or XI 3.0 integrated SP1.

    There should be some notes on using LDAP to AD in the SMP as well as it's documented in the [XI 3.0 Admin Guide|http://help.sap.com/businessobject/product_guides/boexir3/en/xi3_bip_admin_en.pdf]

    Regards,

    Tim

    Add comment
    10|10000 characters needed characters exceeded