Adaxes

One domain managing another

0 votes

We have two AD domains, DomainA and DomainB. DomainA has a service desk that needs to manage DomainB users. Logins are done through EntraID SAML.

In DomainB, there is a group with foreign security principals of DomainA users, that has security role to allow management. FSPs don't sync with AzureAD Connect so at first they couldn't even get past SAML. We've then put in their DomainB contacts, which allow for SAML to succeed.

When DomainA users login through SAML, they are greeted with an error stating that Domain 'domaina.org' is not managed by Adaxes (no logon information provided). We don't wish to manage Azure or DomainA through Adaxes, just DomainB.

by (60 points)

1 Answer

0 votes
by (262k points)

Hello Bennett,

Unfortunately, there is no such possibility. Only users from managed domains can log in. Also, currently, Entra ID (Azure) users cannot log in to Adaxes. The feature is planned for future releases.

Related questions

0 votes
1 answer
We're having trouble allowing our helpdesk to add users located in one domain to groups located in another domain

They can navigate to both the user or the group within the ADAXES web interface without issue. They can then either Add to Group or Add Member but the resulting ... something to the web interface which prevents changing the lookup domain. Any ideas? Thanks!

asked Apr 9, 2020 by VTPatsFan (610 points)
0 votes
1 answer
Allow one department to modify group members who are from another department

We have a potentially complicated sitaution and so far I have no found a solution. Any suggestions will be greatly appreciated. We have specific security groups that ... or see any user details other than the memberships for these specific security groups.

asked Jan 2 by WannabeGuru (20 points)
0 votes
1 answer
copy groups from one user to another

goal is to copy groups from one user to another during the crete user process. I created a variable on the create user form to input the UPN of the ... primaryGroupToken") -eq $primaryGroupId) { continue } $group.Remove($Context.TargetObject.AdsPath) } }

asked Nov 30, 2021 by Derek.Axe (460 points)
0 votes
1 answer
Powershell: Removing a user from one group and adding to another via Scheduled Task

I have a scheduled task that runs a Powershell script against an AD group, "Group 1". I need to get all of the members of Group 1, and add them to Group 2. The ... identity in the error message start with 'user;'? What is the correct way to accomplish this?

asked Aug 27, 2019 by ngb (180 points)
0 votes
1 answer
Copy member of from one user to another

We have several contractors that come and go, it would be helpful to have a custom command that will copy only the member of groups from one user to another. We have done this previously with ... ; write-warning "I'm sorry, Jay. I'm afraid I can't do that." }

asked Jan 9, 2017 by willy-wally (3.2k points)
3,221 questions
2,923 answers
7,488 comments
532,709 users