0 votes

My AD domain is domain.com and all of my users have a UPN of first.last@domain.com, which matches their email address. Everyone can login to self service using the UPN without any issue., we instruct them to use their "email address" as the uesrname.

I have a group of users in my domain that I do not host their email. They actually are part of an entirely separate AD domain and there is no trusts to that domain, nor can there be. But, thees users need logins in my domain for some of our resources, and to show up in our GAL. We have created "mail userr" objects for them in AD/Exchange. This is different than a regular AD user in that they have an AD account but the email address is an external address (like a contact) These users have a UPN of first.last@domain.com and an email address defined of first@otherdomain.com

I'd like to allow these users to login to self-service using their email address (first@otherdomain.com). To try and make this worked I added "Email" and "Email Proxy Address" as additional properties in self-service admin, properties for users section.

When I then try to login to self servce using first@otherdomain.com, I receive a red message saying "'otherdomain.com' is not operational"

Is there any way to make this work?

by (220 points)
0

Hello,

Sorry for the confusion, but we are not sure we understand you correctly. Do the users in question actually exist in the domain.com domain as user accounts and have the Email property set to first@otherdomain.com? What exactly do you mean by “created mail user objects”?

Where exactly did you add the Email and Email Proxy Addresses properties? Could you, please, post here or send us (support[at]adaxes.com) a screenshot?

0

Sorry for the confusion, but we are not sure we understand you correctly. Do the users in question actually exist in the domain.com domain as user accounts and have the Email property set to first@otherdomain.com?

Correct. I do not host email @otherdomain.com within my AD domain where these users exist.

What exactly do you mean by “created mail user objects”?

In Exchange Control Panel, this is done by going to Recipients -> Contacts -> New -> Mail User. This process creats a a full AD user object that also has Exchange attributes like a contact. This tells the Exchange server the email associated with the AD user object is an external SMTP address. This object has no Exchange mailbox.

Where exactly did you add the Email and Email Proxy Addresses properties?

This was done in Adaxes Website Configuration (http://www.selfserviceurl.com/adaxesconfig) -> Common Sign In -> Sign In section -> Username sub-section -> Property for Username

The Self-Service site in the Adaxes Website Configuration is set to "use the common sign in page" under the Sign In section of the Self-Service site config

1 Answer

0 votes
by (223k points)
selected by
Best answer

Hello,

Thank you for the provided details.

It looks like you have the sign in settings configured correctly. Could you make sure that the Email property of the users stores the correct email addresses? Also, please, refresh the Sign In page using Ctrl+F5 before checking the updates made to the sign in settings.

If the emails are correct, but the issue persists, please, specify the version of Adaxes you are currently using. To check that:

  1. Launch Adaxes Administration Console.
  2. In the Console Tree, right-click your service.
  3. In the context menu, click Properties.
  4. Adaxes version will be displayed on the General tab.
0

CTRL-F5 did the trick, it's now working.

Related questions

0 votes
1 answer

We have multiple secondary domains that are being managed by Adaxes. Everything seems to be working except self service portal login. We tested with our other secondary domains and those ... other than sign failed. What else can I look at to figure this out?

asked Aug 21, 2020 by mark.it.admin (1.8k points)
0 votes
1 answer

Hello, I am trying to find out if there is a way to tag/add a commonly used internal name after a domain name in adaxes, to make it easier for helpdesk ... domain.local - Development Domain Instead of just pdydev742.domain.local Any ideas? Thanks very much.

asked Jul 16, 2018 by Jasonmh (540 points)
0 votes
1 answer

It appears under the selfservice website that users can not search past the domain they are in. We have items in different domains. How can I open up search to allow the other domains? I've looked at the config for the web interface and I'm not sure.

asked Aug 20, 2020 by ComputerHabit (790 points)
0 votes
0 answers

Hi Evryone, I am trying to set up an external portal within a new webserver on dmz, and with only access to a webservice created from selfservice. The new webservice is only ... login, only reset password. What I am mising there that its not working? Thanks,

asked Nov 26, 2021 by yagoityd (20 points)
0 votes
1 answer

When enrolling a user for self-service with Adaxes, does this qualify them to reset their passwords via Microsoft Online as well? A lot of our SaaS products use Microsoft ... policies? I.e. Security Questions setup with Microsoft Account, MFA etc. Thanks, Dean

asked Jul 14, 2020 by dcallaghan (20 points)
2,761 questions
2,495 answers
6,538 comments
1,483,365 users