Configure the Management Center for Cross-Domain-Trust: The Setup
This is an introduction to several topics that walk you through configuring the management center with two realms with cross-domain trust.
This step-by-step example involves two forests: forest.example.com and eastforest.example.com . The forests are configured so that certain users and groups in each forest can be authenticated by Microsoft AD in the other forest.
Following is the example setup used in this example.
Using the preceding example, you would set up the management center as follows:
-
Realm and directory for any domain in forest.example.com that contains users you want to control with access control policy
-
Realm and directory for any domain in eastforest.example.com that contains users you want to control with access control policy
Each realm in the example has one domain controller, which is configured in the management center as a directory. The directories in this example are configured as follows:
-
forest.example.com
-
Base distinguished name (DN) for users: ou=UsersWest,dc=forest,dc=example,dc=com
-
Base DN for groups: ou=EngineringWest,dc=forest,dc=example,dc=com
-
-
eastforest.example.com
-
Base DN for users: ou=EastUsers,dc=eastforest,dc=example,dc=com
-
Base DN for groups: ou=EastEngineering,dc=eastforest,dc=example,dc=com
-