Jump to content


Photo
- - - - -

sub-domain authentication on ProIV service Windows


No replies to this topic

#1 nveger

nveger

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 31 January 2013 - 02:35 PM

Hello,

I am using an application that has a proiv-kernel (version 4.6). The server running this Pro4-service is a windows-2008 machine, and it is domain member.

When we want to integrate AD-login, the application supplier told me that I had to change the pro4.ini-file in the C:\Windows\-directory and enable the following settings:

[ENVIRONMENT]
CDATE_50=Y
USERNAME_VALIDATE=Y
USER_DOMAIN=WORLD.LOCAL

Next to that, I have to set a user-part in the same file:
[USER <domain_username>]
INIPATH=D:\GLOVIA\INIFILES\glprod_rt.INI
PROIVCODIV=MDC
PROIVOPER=CD

The problem I am facing is the following:
- the server is part of the (TOP LEVEL) domain called WORLD.LOCAL.
- This domain has some hierarchies underneath it, called AMER (americas), APAC (asia pacific) and EMEA.
- we have user containers in the AD, containing people located in AMER, APAC and EMEA
- now we have users from AMER and EMEA, trying to login to this application and we want to set the USERNAME_VALIDATE=Y on, to ensure AD-credentials are being used at login.
- the PROIV NT server - Service is running with the top-level administrator account (see attached jpg Capture1.JPG)

It works when we enter USER_DOMAIN=EMEA.WORLD.LOCAL, but then ONLY people located in the container EMEA can login. People from the AMER domain are not able to validate their username/password against AD and can't login.

We tried to enter USER_DOMAIN=WORLD.LOCAL, but then we can't get it to work at all. We tried to login via the application with EMEA\<username>, but that doesn't work.
We tried to enter in the pro4.ini file the user section with: [USER EMEA\<domain_username>] but that doesn't work.
We tried *.WORLD.LOCAL in the USER_DOMAIN-section, that also didn't work.
The error message we constantly get is in attached jpg Capture.JPG)


So our question is: is it possible to make use of multiple domain / sub-domains underneath the top-level and still get authentication working?

Any help would be greatly appreciated.

Kind Regards
Norman Veger
norveg@uebv.com

Attached Thumbnails

  • Capture.JPG
  • Capture1.JPG




Reply to this topic



  


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users