
Active Directory connection with subdomains

My solution: Sophos Mobile Control 3.6.0.5

I want to manage Users from some subdomains with one customer account. How can I configure this?

My main domain is company.local. Then I have three subdomains. subcompany1.company.local subcompany2.company.local ...

In all domains I have users with mobile devices. In Sophos Mobile Control I could create a different customer for each subdomain. But this is not my preferred solution. I want to manage all users with one customer.

What are the settings for this way?

Thanks for the support

  • Hi schmidtla,

    you can create one user group on your root domain. Each user of the subdomain should be a member of this global group.

    When configuring the LDAP user group which should be able to access the Self Service Portal you can specify the group you have created on the root domain.
    Once configured, all users being a member of this group should be able to login at the Self Service Portal.

    Further information on the LDAP configuration can be found in our KBA 118783 or in chapter 7.3 of the super administrator guide available here.

    I hope this helps.

    Best regards

    Stefan

  • Thanks for your answer.

    The correct connection to our root domain works fine (with a group for the SSP). Now I changed the group from global to universal to host users from subdomains. I can log in with all users from the root domain. But I can't log in with users from the subdomain in the SSP. I tested the following login credentials for the user:

    1. user = username

    2. user = netbiosdomain\username

    3. user = username@subdomain

    But I can't log in to the SSP.

    In the management console I don't find any users from subdomains to directly connect a mobile device to an Active Directory user.

    The user for the LDAP search has the right to connect to the root domain and all subdomains.

  • Hi schmidtla,

    can you please edit your LDAP configuration for your customer within SMC and specify the Global Catalog port behind the URL of your LDAP server?

    The global catalog port would be 3268 or 3269 for the secure connection.
    So the URL would look like LDAP.company.com:3288 or LDAP.company.com:3269

    Please do not mark the "SSL" checkbox when specifying the port using the colon.

    Best regards

    Stefan

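Why the port change in the reply above resolves the symptom, as an added example that is not part of the thread and not Sophos code: a simplified model of a forest in which each domain is its own directory partition. The accounts `alice` and `bob` and the group `SSP-Users` are constructed, and the model assumes an LDAP client that does not follow referrals.

```python
# Simplified model of an AD forest (constructed sample data, not a real directory).
ROOT = "DC=company,DC=local"
SUB1 = "DC=subcompany1,DC=company,DC=local"
GROUP_DN = "CN=SSP-Users,CN=Users," + ROOT   # hypothetical universal group

# Each domain is its own directory partition, held in full only by its own DCs.
PARTITIONS = {
    ROOT: [
        {"dn": "CN=alice,CN=Users," + ROOT, "sAMAccountName": "alice"},
        {"dn": GROUP_DN, "sAMAccountName": "SSP-Users",
         "member": ["CN=alice,CN=Users," + ROOT, "CN=bob,CN=Users," + SUB1]},
    ],
    SUB1: [{"dn": "CN=bob,CN=Users," + SUB1, "sAMAccountName": "bob"}],
}

DOMAIN_PORTS = {389: False, 636: True}   # port -> TLS; serves one domain partition
GC_PORTS = {3268: False, 3269: True}     # port -> TLS; forest-wide partial replica


def search(port, sam, server_domain=ROOT):
    """Return (entries, referrals) for a subtree search sent to a root-domain DC."""
    if port in GC_PORTS:
        scope, referrals = list(PARTITIONS), []
    elif port in DOMAIN_PORTS:
        scope = [server_domain]
        # Child domains come back as referrals, not as entries.
        referrals = [nc for nc in PARTITIONS if nc != server_domain]
    else:
        raise ValueError(f"not an LDAP or Global Catalog port: {port}")
    hits = [e for nc in scope for e in PARTITIONS[nc] if e["sAMAccountName"] == sam]
    return hits, referrals


def can_log_in(port, sam):
    """The user must be found by the search and be a member of the portal group."""
    users, _ = search(port, sam)
    groups, _ = search(port, "SSP-Users")
    return any(u["dn"] in g["member"] for u in users for g in groups)


def uses_tls(port):
    return {**DOMAIN_PORTS, **GC_PORTS}[port]


if __name__ == "__main__":
    for port in (389, 3268, 3269):
        print(port, "tls" if uses_tls(port) else "cleartext",
              {u: can_log_in(port, u) for u in ("alice", "bob")})
```

Of the two Global Catalog ports, only 3269 protects the bind credentials and search results in transit; 3268 is cleartext.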
  • Hi Stefan,

    Perfect! Now it works. Thanks for your help

    Torsten