Users and admins in sibling domains are unable to issue or manage OTP tokens in their local domain.
The error the admins receive is "You cannot program a Defender Desktop Token as you have not been assigned the correct rights to create tokens."
Cause
The Defender license was issued for a single domain and exists only in that domain, e.g. a.domain.com. It therefore cannot be used in the sibling domain, b.domain.com.
Resolution
In an Active Directory forest such as the example above, with a root domain and child domains, request a license for the root level if Defender will be used throughout the forest.
The root-level license, i.e. for DC=domain,DC=com, can be installed in the child domain a.domain.com.