Adaxes

isolated DomainA,DomainB. Common Adaxes service server for both managing DomainA,DomainB as managed domain

0 votes

hello, We are doing poc for Adaxes software. Our need: Adaxes as front end to manage multiple isolated domains with no trust e.g. Domain A, Domain B. We deployed Adaxes Service on a server which is member of domain A. Domain A shows as managed. Attempt to add Domain B with a domain account created in domain B always gives error "User or password is not correct". Is this toplogy supported

by (40 points)

1 Answer

0 votes
by (288k points)

Hello,

Yes, it is supported. You just need to make sure that all the ports used by Adaxes are open for al the domains you want to manage. For details on the ports, have a look at the following FAQ article: https://www.adaxes.com/questions/20/what-ports-does-adaxes-use.

0

Since its a poc setup, all servers are in same L2 network with no firewall in between three servers. Anything else i can check. I tried to use account with enterprise admin priviledges of domain B to add it as managed domain still get error. I below screenshot Domain A = iamcloud.local Domain B = idcloud.local

image.png

by (40 points)
0

Hello,

Since its a poc setup, all servers are in same L2 network with no firewall in between three servers

Are you sure that all the ports are open from the computer where Adaxes service is installed towards the domain controllers of the domain you are failing to register?

I below screenshot Domain A = iamcloud.local Domain B = idcloud.local

When the username and password are actually correct (you can use them to sign in to AD), the only option for the error to occur is something blocking the authentication. It can be firewall or some protaction software in your environment. There is just nothing in Adaxes that can cause such a thing.

by (288k points)
0

yes i confirm there is no protection. Even windows firewall is off. I see similar queries but none reported that they were successful with such configuration

https://www.adaxes.com/questions/9464/manage-another-adaxes-service https://www.adaxes.com/questions/12/have-create-trust-between-domains-manage-them-adaxes-service

To ensure i am using correct credential i did check the credential by doing a login on idcloud.local with account i wanted to use.

by (40 points)
0

Hello,

https://www.adaxes.com/questions/9464/manage-another-adaxes-service

We never got a reply to the last request here.

https://www.adaxes.com/questions/12/have-create-trust-between-domains-manage-them-adaxes-service

This is just an FAQ, it is not supposed to have a reply.

yes i confirm there is no protection

Please, execute the below script in Windows PowerShell ISE on the computer where Adaxes service runs and provide a screenshot of the output. You can post the screenshot here or send to us at support@adaxes.com. In the script, you only need to specify the password.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$username = "svc-ad"
$domain = "idcloud.local"
$password = "secret"

[Softerra.Adaxes.Utils.NetworkCredentialHelper]::LogonUser(
    $username, 
    $domain, 
    $password, 
    [Softerra.Adaxes.Interop.LOGON32_LOGON]::LOGON32_LOGON_NETWORK, 
    [Softerra.Adaxes.Interop.LOGON32_PROVIDER]::LOGON32_PROVIDER_DEFAULT)
by (288k points)
0

I just found this and this resolved my issue

https://www.adaxes.com/questions/12723/managed-domain-trusted-primary-domain-adaxes-installed-running

image.png

Thank you for the help. May be it would be good idea to include some guideline with technical instruction for such case to help customer interested in Adaxes software

by (40 points)
0

Hello,

I just found this and this resolved my issue

Thank you for the confirmation, it is much appreciated.

May be it would be good idea to include some guideline with technical instruction for such case to help customer interested in Adaxes software

Thank you for the suggestion. We forwarded it to the corresponding department for consideration.

by (288k points)

Related questions

0 votes
1 answer
Implementing a second managed domain / configuring a replacement server

Our Adaxes server is currently used to manage only one hybrid domain. We're looking to add a second (AAD / cloud only) managed domain, but our existing Adaxes ... scenes" without that domain and its objects being visible to our users immediately? Thanks.

asked Sep 26 by ms1 (20 points)
0 votes
1 answer
Limit Self Service Password Reset to a Single Managed Domain

We have two on-prem domains; Domain A and Domain B. Domain A is our primary domain and syncs with Azure AD. Domain B contains accounts created for external ... user attempts to authenticate, they are only authenticating against the Domain B on-prem domain?

asked Apr 10 by awooten (80 points)
0 votes
1 answer
PowerShell Script executed as Service account - not domain account

Hi team, we have two accounts for Adaxes in our AD Service account (running services) named "service-adaxes" Service Domain account (to connect to AD) named "service-adaxesdomain" ... script? Or do I need to grant permissions to "service-adaxes" to manage AD?

asked Jul 30 by wintec01 (1.5k points)
0 votes
1 answer
In order to add a managed domain does it have to be trusted by the primary domain adaxes is installed an running in?

In order to add a managed domain does it have to be trusted by the primary domain adaxes is installed an running in? I have set up a domain for testing adaxes and it ... I have set my host file to point the untrusted domain to it's primary Domain Controller.

asked Oct 5, 2022 by mightycabal (1.0k points)
0 votes
1 answer
How it works if I have multiple accounts in one domain, and other accounts in others domains managed by Adaxes ?

Hello, How it works if I have multiple accounts in one domain, and other accounts in others domains managed by Adaxes ? Thank you. Regards. Pierre

asked Jun 9, 2021 by pierre.saucourt (40 points)
3,542 questions
3,232 answers
8,226 comments
547,806 users