Adaxes

isolated DomainA,DomainB. Common Adaxes service server for both managing DomainA,DomainB as managed domain

0 votes

hello, We are doing poc for Adaxes software. Our need: Adaxes as front end to manage multiple isolated domains with no trust e.g. Domain A, Domain B. We deployed Adaxes Service on a server which is member of domain A. Domain A shows as managed. Attempt to add Domain B with a domain account created in domain B always gives error "User or password is not correct". Is this toplogy supported

by (40 points)

1 Answer

0 votes
by (282k points)

Hello,

Yes, it is supported. You just need to make sure that all the ports used by Adaxes are open for al the domains you want to manage. For details on the ports, have a look at the following FAQ article: https://www.adaxes.com/questions/20/what-ports-does-adaxes-use.

0

Since its a poc setup, all servers are in same L2 network with no firewall in between three servers. Anything else i can check. I tried to use account with enterprise admin priviledges of domain B to add it as managed domain still get error. I below screenshot Domain A = iamcloud.local Domain B = idcloud.local

image.png

by (40 points)
0

Hello,

Since its a poc setup, all servers are in same L2 network with no firewall in between three servers

Are you sure that all the ports are open from the computer where Adaxes service is installed towards the domain controllers of the domain you are failing to register?

I below screenshot Domain A = iamcloud.local Domain B = idcloud.local

When the username and password are actually correct (you can use them to sign in to AD), the only option for the error to occur is something blocking the authentication. It can be firewall or some protaction software in your environment. There is just nothing in Adaxes that can cause such a thing.

by (282k points)
0

yes i confirm there is no protection. Even windows firewall is off. I see similar queries but none reported that they were successful with such configuration

https://www.adaxes.com/questions/9464/manage-another-adaxes-service https://www.adaxes.com/questions/12/have-create-trust-between-domains-manage-them-adaxes-service

To ensure i am using correct credential i did check the credential by doing a login on idcloud.local with account i wanted to use.

by (40 points)
0

Hello,

https://www.adaxes.com/questions/9464/manage-another-adaxes-service

We never got a reply to the last request here.

https://www.adaxes.com/questions/12/have-create-trust-between-domains-manage-them-adaxes-service

This is just an FAQ, it is not supposed to have a reply.

yes i confirm there is no protection

Please, execute the below script in Windows PowerShell ISE on the computer where Adaxes service runs and provide a screenshot of the output. You can post the screenshot here or send to us at support@adaxes.com. In the script, you only need to specify the password.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$username = "svc-ad"
$domain = "idcloud.local"
$password = "secret"

[Softerra.Adaxes.Utils.NetworkCredentialHelper]::LogonUser(
    $username, 
    $domain, 
    $password, 
    [Softerra.Adaxes.Interop.LOGON32_LOGON]::LOGON32_LOGON_NETWORK, 
    [Softerra.Adaxes.Interop.LOGON32_PROVIDER]::LOGON32_PROVIDER_DEFAULT)
by (282k points)
0

I just found this and this resolved my issue

https://www.adaxes.com/questions/12723/managed-domain-trusted-primary-domain-adaxes-installed-running

image.png

Thank you for the help. May be it would be good idea to include some guideline with technical instruction for such case to help customer interested in Adaxes software

by (40 points)
0

Hello,

I just found this and this resolved my issue

Thank you for the confirmation, it is much appreciated.

May be it would be good idea to include some guideline with technical instruction for such case to help customer interested in Adaxes software

Thank you for the suggestion. We forwarded it to the corresponding department for consideration.

by (282k points)

Related questions

0 votes
1 answer
Limit Self Service Password Reset to a Single Managed Domain

We have two on-prem domains; Domain A and Domain B. Domain A is our primary domain and syncs with Azure AD. Domain B contains accounts created for external ... user attempts to authenticate, they are only authenticating against the Domain B on-prem domain?

asked Apr 10 by awooten (80 points)
0 votes
1 answer
PowerShell Script executed as Service account - not domain account

Hi team, we have two accounts for Adaxes in our AD Service account (running services) named "service-adaxes" Service Domain account (to connect to AD) named "service-adaxesdomain" ... script? Or do I need to grant permissions to "service-adaxes" to manage AD?

asked Jul 30 by wintec01 (1.4k points)
0 votes
1 answer
In order to add a managed domain does it have to be trusted by the primary domain adaxes is installed an running in?

In order to add a managed domain does it have to be trusted by the primary domain adaxes is installed an running in? I have set up a domain for testing adaxes and it ... I have set my host file to point the untrusted domain to it's primary Domain Controller.

asked Oct 5, 2022 by mightycabal (1.0k points)
0 votes
1 answer
How it works if I have multiple accounts in one domain, and other accounts in others domains managed by Adaxes ?

Hello, How it works if I have multiple accounts in one domain, and other accounts in others domains managed by Adaxes ? Thank you. Regards. Pierre

asked Jun 9, 2021 by pierre.saucourt (40 points)
0 votes
1 answer
What are the firewall ports needs to be opened between Adaxes server and Domain Controller?

We are planning to use Adaxes in our environment and before proceeding, we need to understand the firewall port requirements for Adaxes service to work. What are the firewall ports needed between Adaxes and AD domain controller?

asked Jan 24 by Renugopal (120 points)
3,472 questions
3,165 answers
8,057 comments
547,017 users