Skip to content
DataMiner DoJo

More results...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Search in posts
Search in pages
Log in
Menu
  • Updates & Insights
  • Questions
  • Learning
    • E-learning Courses
    • Empower Replay: Limited Edition
    • Tutorials
    • Open Classroom Training
    • Agility
      • Kanban workshop
      • Agile Fundamentals
    • Certification
      • DataMiner Fundamentals
      • DataMiner Configurator
      • DataMiner Automation
      • Scripts & Connectors Developer: HTTP Basics
      • Scripts & Connectors Developer: SNMP Basics
      • Visual Overview – Level 1
      • Verify a certificate
    • Video Library
    • Books We Like
    • >> Go to DataMiner Docs
  • Expert Center
    • Solutions & Use Cases
      • Solutions
      • Use Case Library
    • Markets & Industries
      • Media production
      • Government & defense
      • Content distribution
      • Service providers
      • Partners
      • OSS/BSS
    • Agile
      • Agile Webspace
      • Everything Agile
        • The Agile Manifesto
        • Best Practices
        • Retro Recipes
      • Methodologies
        • The Scrum Framework
        • Kanban
        • Extreme Programming
      • Roles
        • The Product Owner
        • The Agile Coach
        • The Quality & UX Coach (QX)
    • DataMiner DevOps Professional Program
      • About the DevOps Program
      • DataMiner DevOps Support
  • Downloads
  • More
    • Feature Suggestions
    • Climb the leaderboard!
    • Swag Shop
    • Contact
    • Global Feedback Survey
  • Support
  • PARTNERS
    • All Partners
    • Technology Partners
    • Strategic Partner Program
    • Deal Registration
  • >> Go to dataminer.services

Setting up Dataminer for Multiple Active Directories in same Forest

Solved1.95K views13th October 2022Active Directory LDAP
3
Ryan Reuss [SLC] [DevOps Member]490 18th February 2022 0 Comments

Hello Team,

When adding multiple Active Directories into the System Center > System Settings > LDAP , the DataMiner help mentions:

  • In case DataMiner is required to directly access multiple domain controllers, you will need to change your DataMiner System configuration via System Center > System settings > LDAP, and provide the system with the correct LDAP (AD) information for each LDAP (AD) connection.

More detailed info on this can also be found in the DataMiner help pages available on any DataMiner Agent under the    section Advanced security configuration > Configuring LDAP settings.

https://docs.dataminer.services/user-guide/Advanced_Functionality/Security/Advanced_security_configuration/Configuring_LDAP_settings.html

I was wondering if there was an example for how this should look for the following: three separate domains in the same forest (we’ll call them XXX, YYY and ZZZ).

I just tested LDAP with a group as they are in the YYY domain.

I added the security group as a local group with the domain attached. Added admin permissions and access to all views. Tested logging in with two separate users that were both part of the security group and neither could log in.

I tested removing the ZZZ portion from the naming context just for fun, currently set as DC='111',DC='222', and it took about 15 minutes to pull up a list of security groups.

When adding an existing group is selected no groups pop up so I am assuming the current configuration is not working.

Thanks in advance!

André Kaiser [DevOps Advocate] Answered question 13th October 2022

3 Answers

  • Active
  • Voted
  • Newest
  • Oldest
3
Ryan Reuss [SLC] [DevOps Member]490 Posted 29th March 2022 1 Comment

Adding the Top level domain in the naming context should work for this. (For example: Top level "Skyline.be" containing all sub domains would be named, DC = Skyline , DC = be ) Please note, If a group contains users from multiple domains this might not be possible if the top level domain isn't Universal or configured properly.

Tip from the help regarding referrals -

When a user group in the DataMiner domain contains users from another domain, by default, referrals are used to retrieve these users. This means that when information is asked from the DataMiner domain about a different domain, the request is automatically forwarded. If referrals are not configured on the directory, this will not work, so that it can appear that a domain group does not contain any users. In that case, the attribute referralConfigured="false" should be added to the LDAP tag in DataMiner.xml, so that a connection is made with the other Domain Controller and the latter is queried directly. (Will throw an error if this is the case)

Also check the Skyline DataMiner / tools folder for the ReloadLDAP.js file as this was missing in the 10.0 ISO and when upgrading to 10.1 it was not added back. We copied one from another DMA, so if you are having directory issues make sure to check this.

Chris Glover [DevOps Advocate] Posted new comment 15th December 2022
Chris Glover [DevOps Advocate] commented 15th December 2022

That last paragraph was really helpful. We were scrating our heads as to why it was missing on some of our servers!

You are viewing 1 out of 3 answers, click here to view all answers.
Please login to be able to comment or post an answer.

My DevOps rank

DevOps Members get more insights on their profile page.

My user earnings

0 Dojo credits

Spend your credits in our swag shop.

0 Reputation points

Boost your reputation, climb the leaderboard.

Promo banner DataMiner DevOps Professiona Program
DataMiner Integration Studio (DIS)
Empower Katas
Privacy Policy • Terms & Conditions • Contact

© 2025 Skyline Communications. All rights reserved.

DOJO Q&A widget

Can't find what you need?

? Explore the Q&A DataMiner Docs

[ Placeholder content for popup link ] WordPress Download Manager - Best Download Management Plugin