NPM authentication with two AD domains

Yes, just add your credentials and make sure the domain networks can both talk to wherever (network/VLAN) your SolarWinds server is.

Yes it is possible. Our company recently created a new domain that's currently working and existing along side the old domain.

I became flooded with requests to give the new domain users permissions to login to the Orion Web Console.

I went ahead and tried to add them into SolarWinds via the Manage Accounts page: successful!

Asked them to try logging into the Orion Web Console with their new domain user account  : successful!

Users from the old domain : still able to access the Orion Web Console

So, yes it is possible.

SolarWinds is domain agnostic. That is why you need a domain qualifier in your login:

abcd\a.smith

or

xyz\b.rubble

Something is obviously wrong somewhere. When I try to create a new Windows individual account I have two options. One is to use the local network service to access the AD, the other is to use an account with "administrative access to Active Directory or local domain accounts". I found an article that says to circumvent this, temporarily deactivate the authentication through the AD. This worked with the domain originally configure (datacenter). If it is active and I try to search for users I get "Value cannot be null. Parameter name: password". When disabled I can search for and then add users.

When I try to create an account from another domain and the authentication through the AD is active,  I again get the message "Value cannot be null. Parameter name: userName". When I disable authentication through the AD, I "No domain specified.  Please enter search string in the format:  Domain\Username."  In the advanced AD settings I can successfully test the connection.

However, with the other company AD configured, I can still search for names in the datacenter domain. This indicates to me that SolarWinds can connect (thus the connection test is successful) but is querying the AD improperly.

I am now even more confused. According to SolarWinds support "Our current LDAP support implementation allows authenticating users just from single domain. We can authenticate users from multiple domains only via MSAPI." Is everyone here using MSAPI?

Here is how I do it...nothing special...

The account you use below needs admin right to SolarWinds and must be entered with the domain qualifier:

[domain_name]\[loginID]

Then go to town...

Hi When I try adding a user from a different domian I get this message:

Cannot logon '<<DOMAIN ADMIN USER>>@<<DOMAIN>>' via NetworkCleartext/Default

Hi,
I'm wondering if this one has every been resolved?
ie. can NPM authenticate users using more than one domain or not?

I just started getting this exact same symptom... trying to figure out why it won't seem to query ad for a user group although the test seems to work.  For me it's the same domain the server is joined to... it's not even another domain.

Have you reviewed the following KB articles?

• Value cannot be null. Parameter name: userName - SolarWinds Worldwide, LLC. Help and Support
• Unable to create new Active directory group accounts - SolarWinds Worldwide, LLC. Help and Support
• Cannot add AD security group - Error: <no domain specified> - SolarWinds Worldwide, LLC. Help and Support