Using ADAM to authenticate application users against 2 seperate AD

Discussion in 'Active Directory' started by jaclinmilner, Feb 23, 2006.

  1. jaclinmilner

    jaclinmilner Guest

    I have a BI application that uses AD for user authentication. It uses its own
    repository for application permissions, but the initial authentication is
    done against AD.

    My organisation is in 2 countries - each with their own completely seperate
    AD.

    However I only have 1 instance of the BI application (the bean counters
    wouldnt buy two licenses :) and whilst it can be configured to use multiple
    AD domains, its authentication mechanism can only be configured to point to
    one host address.

    My intention would be to install ADAM on the BI server (or intermediary box)
    as I have a small user community. From my reading on this subject I can setup
    2 instances of ADAM on the one host.

    Can I configure each instance of ADAM to redirect the authentication request
    to a different AD?

    or can each ADAM instance be configured to replicate user information from
    different ADs? ie ADAM instance 1 -> Country 1 AD, ADAM instance 2 -> Country
    2 AD.

    Thanks in advance,
     
    jaclinmilner, Feb 23, 2006
    #1
    1. Advertisements

  2. jaclinmilner

    Lee Flight Guest

    Hi

    ADAM relies on domain membership of the server it resides on to
    authenticate AD users. So you would need domain trust (which I guess
    your BI app assumes for multi-domain working) or forest trust as your
    ADs are completely separate. With either trust you would then not need
    ADAM just the app, outside of trust you will need a copy of the app for
    each AD.

    Lee Flight
     
    Lee Flight, Feb 23, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.