Topic
  • 2 replies
  • Latest Post - ‏2014-03-31T10:15:54Z by JoseManuelGomez
JanStraarup
JanStraarup
3 Posts

Pinned topic TRC login with AD credentials

‏2014-03-28T14:43:19Z |

Hi

 

I am setting up TRC in p2p mode but am having a issue.

When i set the CheckUserGroup to my domain administrators i get a error "the target has refused the session.

It is working fine with the builtin\administrators group, but only with local accounts.

I can't seem to find documentation that says if what i am trying is possible or not.

 

Regards Jan

 

  • jgstew
    jgstew
    18 Posts

    Re: TRC login with AD credentials

    ‏2014-03-28T15:29:03Z  

     

    I don't have experience using TRC with AD creds.

     

    If you are using v9+ of BigFix / IEM, then you could create a local admin on the endpoint, set its password using a secure parameter, then delete it or otherwise maintain it.

     

    See a set password example using secure parameters here:

    Win: http://bigfix.me/fixlet/details/3670

    Mac: http://bigfix.me/fixlet/details/3671

     

    The secure parameter uses client mailboxing and encryption. The password is entered into the console, encrypted, then sent to the endpoint so that only the endpoint can decrypt it.

     

  • JoseManuelGomez
    JoseManuelGomez
    12 Posts

    Re: TRC login with AD credentials

    ‏2014-03-31T10:15:54Z  

    Hi Jan,

    Authenticating P2P sessions with AD credentials is supported and should work, but there is a limitation as you say with Builtin\Administrator in that it only works with local accounts in the system.

    I think it would be best to open a PMR and go through the official support process to troubleshoot this issue. Please include in the PMR submission a target log showing the login failure. Here is how to get target logs enabled: http://www-01.ibm.com/support/docview.wss?uid=swg21640296.