When attempting to add a trusted domain from another forest in Active Roles, the operation failed with the error
The specified domain either does not exist or could not be contacted.
The Active Roles Administration Service is in a child domain.
This issue might present itself after installing Microsoft security patches on the Domain Controllers in the trusted domain.
After enabling Kerberos logging, KDC_ERR_ETYPE_NOSUPP errors are noted in the System logs on the Active Roles Administration Service host.
WORKAROUND
Follow Method 2 in the Resolution section of this Microsoft resource.
STATUS
An Enhancement Request has been created to integrate this functionality into Active Roles. Product Management will evaluate the request and this feature may become available in a future release of the product.
There are no guarantees that this specific enhancement request will be implemented in a future release. For more information regarding our Enhancement Request policy, refer to our Global Support Guide on the Support Portal at: https://support.oneidentity.com/essentials/support-guide/
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center