orian
Hot Shot
Hot Shot

Two domain in one VRA

Hi,

I have been configured my VRA to join my main domain.

Now, my users from this domain can login to the VRA.

Is it possible to add another domain (without trust) to the VRA?

I want to allow users from the new domain to login to the VRA.

Thanks!

Idan

Tags (2)
0 Kudos
10 Replies
daphnissov
Immortal
Immortal

That should be fine provided you aren't using IWA for your authentication.

0 Kudos
orian
Hot Shot
Hot Shot

Hi,

How can I do it?

Now, my first domain is "Active Directory with IWA" type.

0 Kudos
daphnissov
Immortal
Immortal

Then no, I think they both have to be over LDAP.

0 Kudos
orian
Hot Shot
Hot Shot

Can you specify the steps I have to make?

0 Kudos
daphnissov
Immortal
Immortal

Under Directories you just add a new directory, it's nothing special. But I think you may need to disjoin the appliance from the existing AD and go with AD over LDAP.

0 Kudos
orian
Hot Shot
Hot Shot

Then users will get a list of domains they can connect to?

I can still do SSO in the new configuration?

0 Kudos
daphnissov
Immortal
Immortal

They will be able to pick the identity source at login, yes, and their selection will be saved into a cookie. No, there is no SSO without IWA.

0 Kudos
orian
Hot Shot
Hot Shot

The reason I ask is because a user can have two types of computers (in different domains) that both have access to VRA.
However, one computer is more exposed to the Internet zone and the other is not.
Therefore, I want the more exposed Internet computer to show the user only simple and not harmful requests and on the other computer (in the second domain) to view all the simple and not harmful requests and of course all the other requests.

Now, in the current configuration, the user is able to connect to the VRA from the two computers with the credential of the primary domain and see all the requests.

That's why I thought of connecting the vra two domains.

But on the other hand you tell me that there will not be an option of sso ...

Do you have any other idea to resolve this problem?

0 Kudos
daphnissov
Immortal
Immortal

I don't understand what you mean when you say

simple and not harmful requests

0 Kudos
orian
Hot Shot
Hot Shot

simple and not harmful request - a request that send an informative mail.

harmful request - restart to production server.

0 Kudos