Return
-
Title
Requirements to allow User Accounts from another Domain to be Active Roles Administrators -
Description
In environments with multiple Active Directory Domains, it might be necessary for User accounts from other domains to be granted Active Roles Administrator access. -
Resolution
- A two-way, transitive trust is required between the Domain hosting the Active Roles service account and the Domain hosting the User accounts which need to be Active Roles Administrators.
- In the Active Roles Configuration Center, ensure that the Active Roles Admin role group is specified. This Active Directory group must be of type Domain Local. If it is not currently this type, then it needs to be changed to this type.
- Populate the above Active Roles Admin role group with members. These can be from both the local or trusted Domain.