Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 3152 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Protecting Clients in different domains

Stcragg
Hello all, I'm hoping someone can point me in the right direction on this. I have two domains in my environment (basically PROD and TEST), and i'm wanting to protect the clients in the TEST domain via the enterprise console which is located in the PROD domain. I've created a two-way trust between both domains (which is validated to be working), but i'm stumped on what further user / group changes (additions) i need to configure to allow the console in the PROD to be able to protect the TEST clients. Is there a document hidden on the Sophos site which someone can point me to? Many thanks in advance,
:3159


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    If you are using:
    TEST\administrator (as an example)

    to deploy to the machines in the test domain you need to ensure that this account can logon to the machine where the management service is located.

    As a test, in a command prompt run:

    runas /user:TEST\administrator cmd

    after entering a password, If this launches a command prompt then that is the first hurdle.  If it fails, the message should guide you.  If SEC is on a DC in the PROD domain ensure:TEST\administrator has been granted the ability to log on to the machine.  If it succeeds what error do you get when you try to protect the machines in TEST?

    Thanks,

    Jak

    :3164
Reply
  • 0

    Hi,

    If you are using:
    TEST\administrator (as an example)

    to deploy to the machines in the test domain you need to ensure that this account can logon to the machine where the management service is located.

    As a test, in a command prompt run:

    runas /user:TEST\administrator cmd

    after entering a password, If this launches a command prompt then that is the first hurdle.  If it fails, the message should guide you.  If SEC is on a DC in the PROD domain ensure:TEST\administrator has been granted the ability to log on to the machine.  If it succeeds what error do you get when you try to protect the machines in TEST?

    Thanks,

    Jak

    :3164
Children
No Data
Unfiltered HTML