how to enable authentication for external users from a partner domain via CCPM [Radius)/AD

Hi Experts

We need to authenticate users from an external domain called DomainB  via CPPM (Radius)/AD. How can we do it? There is no relationship between our domainA and the External domain[DomainB]

Our forest/domain functional level is 2003.

For DomainA users we have the following CPPM config:

General:

Name:      AD-SourceDomainA
Description:      China AD Servers
Type:      AD
Use for Authorization:      Enabled
Authorization Sources:      -



Primary:

Hostname:      dc01.domainA.com

Connection Security:      None
Port:      389
Verify Server Certificate:      true
Bind DN:      svc-cppm@domainA.com

Bind Password:      ********
NetBIOS Domain Name:      domainA
Base DN:      dc=domainA,dc=com
Search Scope:      SubTree Search
LDAP Referrals:      false
Bind User:      true
User Certificate :      userCertificate


Attributes:

Filters :      1. (&(sAMAccountName=%{Authentication:Username})(objectClass=user))
2. (distinguishedName=%{memberOf})
3. (&(sAMAccountName=%{Host:Name}$)(objectClass=computer))
4. (&(sAMAccountName=%{Onboard:Owner})(objectClass=user))
5. (distinguishedName=%{Onboard memberOf})



Backup 1:

Hostname:      dc02.domainA.com

Connection Security:      None
Port:      389
Verify Server Certificate:      true
Bind DN:      svc-cppm@domainA.com

Bind Password:      ********
NetBIOS Domain Name:      DomainA
Base DN:      dc=domainA,dc=com
Search Scope:      SubTree Search
LDAP Referrals:      false
Bind User:      true
User Certificate :      userCertificate



Thanks,
Jerry SeinfieldAsked:
Who is Participating?
 
David Johnson, CD, MVPOwnerCommented:
since there is no trust relationship how do you plan on authenticating the users credentials? you have to have a way of authenticating domain B from domain A.. Federated trust may work for you but domain B must also be setup to get/send the tokens.
0
 
Jerry SeinfieldAuthor Commented:
Any updates?
0
 
Jerry SeinfieldAuthor Commented:
Thanks David,

Assuming that we can create a two-way trust relationship, can you please advise on all steps required to complete this task? Please provide as much details as you can
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.