rglassford
asked on
Juniper SA 2000
Hello,
The organization that I work for is in the process of migrating all users from one Active Directory Domain to another and I am the lucky System Administrator who has been charged with utilizing the duct tape to accomplish this goal. I've established a method for migrating the users over in small groups from Domain-old to Domain-new utilizing a Forest Level trust. The one snag I've run into currently is VPN access, I am attempting to find a method whereby we can utilize our SA2000 to in conjunction with the trust to authenticate users of both domains until the transition is completed.
I've verified that the Active Directory group, (Domain-Old\SA-REMOTE-USER S) which is being used for authentication is a Domain Local group in Domain-Old and the Active Directory group which I plan to also utilize in Domain-New (Domain-New\SA-REMOTE-USER S) is a member of that group in Domain-Old. However, when I attempt to authenticate with a user in Domain-New I either get an invalid UID/Pass error (Invalid username or password. Please re-enter your user information.) or (You are not allowed to sign in. Please contact your administrator.)
Is there a method by which this can be accomplished?
The organization that I work for is in the process of migrating all users from one Active Directory Domain to another and I am the lucky System Administrator who has been charged with utilizing the duct tape to accomplish this goal. I've established a method for migrating the users over in small groups from Domain-old to Domain-new utilizing a Forest Level trust. The one snag I've run into currently is VPN access, I am attempting to find a method whereby we can utilize our SA2000 to in conjunction with the trust to authenticate users of both domains until the transition is completed.
I've verified that the Active Directory group, (Domain-Old\SA-REMOTE-USER
Is there a method by which this can be accomplished?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.