Storefront Authentication in Multi Forest Environment

Storefront Authentication in Multi Forest Environment

book

Article ID: CTX206837

calendar_today

Updated On:

Description

Users cannot authenticate in a multi forest environment.

Got a Storefront in Domain A and the Users coming from Domain B. The 2 domains are 2-way trusted with a selective trust. There is an article about VDA and DDC registration which shows what you need to configure in this particular scenario.

We need something similar to this but regarding user objects and storefront. Can you advise?

Resolution

  • Give the Users (from the customer domain) the following permission on the SF’s AD Computer-Object: Read and Allowed to Authenticate.
  • Give the Users (from the customer domain) the following permission on the DDC’s AD Computer-Object: Read and Allowed to Authenticate.

Problem Cause

Requirement - Selective authentication between (DDC and SF Server)'s domain and User's domain.
Forest wide authentication is not an option.
Powered by Wolken Software