VMware Cloud Community
cshells
Enthusiast
Enthusiast
‎12-01-2013 05:08 PM

vSphere SSO 5.5 and multiple AD domains

We have just built out a new 5.5 environment and I am working on the SSO portion. Currently our SSO server is in a sub domain of our primary domain (subdomain.company.net), all our users AD authentication is done through our primary domain (company.net). We also have a couple two way trusts with some customer domains.

So in the configuration I choose "Active Directory (Integrated Windows Authentication)" and I put our primary domain company.net in the domain name. I use machine account, but I get "The host is required to join to domain [company.net] but joined to [subdomain.company.net]

I am not positive what this is referring to. Do I need to be using SPN for our other domains? I added subdomain.company.net without any issues.

Any help would be great!

0 Kudos
2 Replies
raog
Expert
Expert
‎12-01-2013 08:31 PM

Thats because the machine you installed SSO on is in your subdomain(The error is very descriptive Smiley Happy ). So adding identity source with integrated windows auth would work only for that particular subdomain.

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos
cshells
Enthusiast
Enthusiast
‎12-01-2013 09:44 PM

Right, I understand that part about being in a subdomain and that's my bad for phrasing the question wrong. I just didn't know if others are adding multiple domains with "Active Directory as a LDAP Server" or if using a SPN with Integrated Windows Authentication is the correct way to do it.

0 Kudos