Topic
2 replies Latest Post - ‏2014-03-31T10:15:54Z by JoseManuelGomez
JanStraarup
JanStraarup
3 Posts
ACCEPTED ANSWER

Pinned topic TRC login with AD credentials

‏2014-03-28T14:43:19Z |

Hi

 

I am setting up TRC in p2p mode but am having a issue.

When i set the CheckUserGroup to my domain administrators i get a error "the target has refused the session.

It is working fine with the builtin\administrators group, but only with local accounts.

I can't seem to find documentation that says if what i am trying is possible or not.

 

Regards Jan

 

  • jgstew
    jgstew
    18 Posts
    ACCEPTED ANSWER

    Re: TRC login with AD credentials

    ‏2014-03-28T15:29:03Z  in response to JanStraarup

     

    I don't have experience using TRC with AD creds.

     

    If you are using v9+ of BigFix / IEM, then you could create a local admin on the endpoint, set its password using a secure parameter, then delete it or otherwise maintain it.

     

    See a set password example using secure parameters here:

    Win: http://bigfix.me/fixlet/details/3670

    Mac: http://bigfix.me/fixlet/details/3671

     

    The secure parameter uses client mailboxing and encryption. The password is entered into the console, encrypted, then sent to the endpoint so that only the endpoint can decrypt it.

     

    Updated on 2014-03-28T15:30:27Z at 2014-03-28T15:30:27Z by jgstew
  • JoseManuelGomez
    JoseManuelGomez
    12 Posts
    ACCEPTED ANSWER

    Re: TRC login with AD credentials

    ‏2014-03-31T10:15:54Z  in response to JanStraarup

    Hi Jan,

    Authenticating P2P sessions with AD credentials is supported and should work, but there is a limitation as you say with Builtin\Administrator in that it only works with local accounts in the system.

    I think it would be best to open a PMR and go through the official support process to troubleshoot this issue. Please include in the PMR submission a target log showing the login failure. Here is how to get target logs enabled: http://www-01.ibm.com/support/docview.wss?uid=swg21640296.