1 Reply Latest reply on Jul 4, 2012 2:33 AM by odedb

    ePO Access and cross domain group membership

    odedb

      OK, I've encountered something weird with ePO 4.5.4 when trying to create new permissions sets.

       

      Assume I have 2 active directory domains A and B and a full-trust relationship between them.

      Each domain has LDAP server registered and synchronized in ePO.

       

      Now, my new permission set includes an Active Directory group from domain A. This is a Universal group, so the group has members from both domains.

      However, only users from domain A can access ePO console. The users from domain B can't login even though they are members of the group thus should have access.

       

      Anyone seen this scenario ?

       

      I assume I can create another group in domain B to hold the users from that domain, but that will add complexity when users are not assigned manually...

       

      Thanks !