SolarWinds Authentication

One of our security operations managers has a One-way domain trust issue.  He wants to know if an AD user can authenticate over a one-way trust in SolarWinds?

Parents
  • Can you give more specific details on this?  Obviously, change the names of the domains to protect the innocent. Stuck out tongue winking eye

    Example:

    • Parent.Domain.Local is the domain where the SolarWinds Platform is deployed.
    • Trust.Local is the domain where the user account exists.
    • There's a one-way transitive trust from Trust.Local Arrow right️ Parent.Domain.Local where users from TRUST can log into computers in PARENT.

    Since there are multiple types (one-way, two-way, transitive, non-transitive, others?) of trust in AD, it would be better to have more details than less for an inquiry like this.

  • Hi Kevin, 

    Thanks for your reply.  Those are some good questions.  We have a customer at a location that wants to have "end users" be able to login and view their dashboards.  Security does not normally permit that in our environment .  The discussion has turned to giving them their own additional web server joined to their domain.  

    It would apply if a trust were created between the 2 domains.  This would not have to be forest level trust.   The LogonFallback setting would be configured on the SolarWinds MPE and the existing SolarWinds Additional Web Server.   

  • This is very much an edge case and we're not going to have documentation or instructions for this.

    However, if you get it running, you should totally reply to this message and flag it as the answer because there might be someone else looking for the same thing.

Reply Children
No Data