10-29-2014 07:09 PM - edited 03-19-2019 08:48 AM
Hi,
I want to change the LDAP authentication as the multiple domains and my Windows AD environment is the child trust, that mean the root DC is the "abc.com", which have the two child DCs, e.g. "us.abc.com ", "uk.abc.com"
Is it possible I just changed the LDAP auth. with user search space as the root DC is fine?
OR
I must use the "userPrincipalName" ?
10-30-2014 06:29 AM
Yes,if single forest you can point to the root domain just fine.
11-01-2014 12:40 PM
But it had the collision SAMAccountName, that would have the same account name between the us.abc.com and uk.abc.com.
If I changed the "userPrincipalName" LDAP sync to CM, how about the Jabber login?
11-22-2014 10:43 PM
Actually, I changed the LDAP Directory Sync as "userPrincipalName", and I just can login the abc.com users on ccmuser page and us.abc.com users is LDAP auth. fail ....
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide