0 votes

Hi All,

I have 2 domains (A & B) which do not know of each other and have a firewall between them.

I would like to manage domain B from domain A. I thought the correct route was to set up an Adaxes server in both domains and then connect using the new managed domain on Adaxes with the IP address of the Adaxes server. I have opened up the firewall to everything I could find on this page https://www.adaxes.com/questions/20/what-ports-does-adaxes-use and have disabled the Windows firewall on both boxes.

Still no luck. Can anyone help?

Edit. If I point Adaxes at the domain controller of domain B I can get to the next screen where it says specify a service account. However after entering credentials I get " 'example.com' is not operational" where example.com is domain B.

Many Thanks

by (440 points)
edited by

1 Answer

0 votes
by (270k points)
selected by
Best answer

Hello Anton,

To manage multiple domains in Adaxes you do not need to install an instance of Adaxes service in each of the domains. You just need to register the domains in your existing service instance. For the registration to work, make sure that all the ports specified in the FAQ article you referenced are open.

0

Hi,

Thanks for getting back to me.

I have now taken this off to a development environment in which all Windows firewalls are disabled and there is no firewall between the two domains.

From the Adaxes add a managed domain I can add 'dev' which is the domain 'dev.net' however when I try and enter credentials it says that 'dev.net' is not operational.

Is there anything else I can test to try and diagnose this?

image.png

0

Hello Anton,

It looks like some ports used by Adaxes are closed between the computer where Adaxes service is running and domain controllers of the domain you are registering. For details on the ports, have a look at section Adaxes Service of the following FAQ article: https://www.adaxes.com/questions/20/what-ports-does-adaxes-use. Once all the ports are open, try to register the domain again.

0

If I want to set up a shared configuration as well across separate domains. I.e. Domain A Adaxes is main and Domain B Adaxes tries to connect to the one in Domain A as a shared configuration.

Do the ports just need to be open between Adaxes servers or do they need access to domain controllers as well?

0

Hello Anton,

You will need to open all the ports used by Adaxes service for both computers. Also, you will need to open the RPC ports for replication between the computers where the instances of Adaxes service will be installed.

0

image.png

Any ideas, firewall disabled on both machines and no firewall between? Trying to connect from dev.net domain to home.net domain. Both users are domain admins.

Note: Adaxes does see the Adaxes service when I hit select

0

Hello Anton,

Did you open all the required ports between the computer in dev.net where Adaxes service is installed and a domain controller (DC) of domain home.net? The ports need to be open for outgoing connections on the computer where your Adaxes service is installed, and for incoming connections on the DC that you want Adaxes to connect to.

0

This is how the firewalls are set up on all servers on both domains. Settings the same for domain, private and public profile. Servers can both see each other, DNS lookup resolves okay. Don't know what else I can look into.

image.png

0

Hello Anton,

What about the domain controller (DC) of domain home.net? Did you make sure that all the required ports are open for incoming connections there?

Also, according to your last screenshot, you are attempting to install a new instance of Adaxes service sharing common configuration with an existing one, not to just register a domain. It will not work in your case as such installation requires trust relationships between the domains.
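A connectivity check for the question the replies above keep returning to (are the ports open outbound from the Adaxes service host and inbound on a DC of the target domain), as an added example that is not part of the thread or of Adaxes documentation. The port list is an assumption (common Active Directory TCP ports); take the authoritative list from the FAQ article linked in the thread. `home.net` is the domain name used in the thread.

```powershell
# Added example: run on the computer where the Adaxes service is installed.
# It locates the DCs of the target domain through DNS and tests TCP
# reachability to each one, so a closed port can be told apart from a
# name-resolution problem.
param(
    [string]$Domain = 'home.net'   # domain being registered (name from the thread)
)

# ASSUMPTION: common Active Directory TCP ports, not the Adaxes FAQ list.
# Replace with the ports listed in the FAQ article for the Adaxes service.
$Ports = @(
    @{ Port = 53;   Name = 'DNS' }
    @{ Port = 88;   Name = 'Kerberos' }
    @{ Port = 135;  Name = 'RPC endpoint mapper' }
    @{ Port = 389;  Name = 'LDAP' }
    @{ Port = 445;  Name = 'SMB' }
    @{ Port = 636;  Name = 'LDAPS' }
    @{ Port = 3268; Name = 'Global Catalog' }
)

# Step 1: find DCs through the DC locator SRV record. If this fails, the
# problem is DNS (for example, no conditional forwarder for the other domain),
# not the firewall.
$dcs = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.NameTarget } |
    ForEach-Object { $_.NameTarget } |
    Sort-Object -Unique

# Step 2: test every port against every DC returned by DNS.
$results = foreach ($dc in $dcs) {
    foreach ($p in $Ports) {
        $t = Test-NetConnection -ComputerName $dc -Port $p.Port -WarningAction SilentlyContinue
        [pscustomobject]@{
            DC            = $dc
            Port          = $p.Port
            Service       = $p.Name
            Open          = $t.TcpTestSucceeded
            RemoteAddress = $t.RemoteAddress
        }
    }
}

$results | Format-Table -AutoSize

# Step 3: summarise what is blocked. Only TCP is tested here; UDP and the
# dynamic RPC port range are not covered by this check.
$closed = @($results | Where-Object { -not $_.Open })
if ($closed.Count -gt 0) {
    Write-Warning ("{0} port(s) unreachable from {1}" -f $closed.Count, $env:COMPUTERNAME)
}
```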
