Cross domain or cross forest authentication fails. Cross domain groups not working, users showing not allowed with checkaccess command (4286296)

Chat now with support

Return

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title

Cross domain or cross forest authentication fails. Cross domain groups not working, users showing not allowed with checkaccess command
Description

Cross domain or cross forest authentication fails.
Users are not resolved as being ALLOWED when they are in a nested group in the users.allow file.
Cross domain groups not working in version 4.1.0.21853 version.
Cause

Product defect 473244 seen in version 4.1.0.21853:
Description: tokenGroups now doesn't get global group memberships
Fixed in 4.1.0.21906, product defect ID: 473244
* vasd/api: Modify behavior of the 354599 change. Now, if a user is in the same
forest but different domain, do both a joined GC and user's DC query and
combine the results. This will provide the most complete picture of a user's
group memberships at a slight speed cost. But with the fixing of 458800, the
net result is faster loading.
Resolution

STATUS:
Fixed.
RESOLUTION:
Upgrade to Authentication Services 4.1 Maintenance Fix
Change Request

473244

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title