Active Directory Alternative?

Similar Questions

• Is there another solution to integrate NAC Appliance and Active Directory on Windows 2008 64 bit

  I'm trying to integrate a device of the NAC solution in a network where all domian servers and application servers are Windows 2008 64-bit.

  Could someone help me to confirm if Active Directory (AD) on Windows 2008 is not taken in charge and tell me what alternatives exist to authenticate users who consider that it is not possible to make any changes on the server. They will continue to be Windows 2008 64 bit.

  The original idea was to use AD SSO to authenticate users, but I read that it is not supported on Windows 2008 64 bit.

  I'd appreciate any help or suggestions.

  Concerning

  Arturo Monroy

  Arturo,

  You can use LDAP. Configure an LDAP authentication provider and have your customers to provide their credentials.

  It will not however a single code access scenario. They would have to enter their credentials again on the NAC agent.

  Support for 64 - bit is on its way and will be out in the new versions soon.

  HTH,

  Faisal

• Cisco ISE 1.3 question Active Directory

  Hi people

  I'm having a problem with our Cisco ISE and would love some comments or a solution. I configured to ISE to use our Active Directory setup and so far it seems to be functional. I could connect to retrieve ad groups and use AD for authentication. The problem I encounter is that when I try to go to the ' Administration > Identity Management > Sources external page and select our instance AD in the window side left hand screen hangs and won't load.  Any advice?

  ad_error.PNG

  

  You are using a supported browser and have you tried an alternative one?

  If you are using a supported browser, it looks like a bug in the layout of the page. I was opening, in this case, a case of TAC. I had this same work of page very well for me in the three different 1.3 deployments.

• OEDQ integration with Active Directory - disable SSL

  Hi mates,

  I just installed OEDQ (latest version) on a Unix machine (deployed on WebLogic Server 10.3.6) but I have a few concerns:

  • SSL communications -> is mandatory? I mean, I tried to expose dndirector via a Server Web Apache OHS admin page. I am able to access the page from admin in raw mode, but every time I try to access a specific feature (dashboard, user management, server configuration, etc.) I am redirected to https://< web-server-hostname >: < wls-server-ssl-port > / dndirector, if this is not what I expect. What's wrong? Moreover, if SSL is required, is there a way to expose the console via apache (avoiding any redirect)?
  • OEDQ with Active Directory -> documentation- OEDQ integration with Active Directory - covers just Single Sign-on configuration (on the two Windows/Unix os). What about a simple configuration pointing to an external ldap? The documentation States the following statement:

  It is also possible to configure OEDQ to work with servers of different directory for authentication of users and the identification of the user. For more information on the alternative configurations, "see"contact us" "

  So, how can I achieve this?

  Pointers?

  Thanks in advance,

  Marco

  Marco

  Here is an example configuration that can be used to integrate with AD.  Create a folder called Security in your Disqualification configuration directory, and save the file in this folder as login.properties.  There are a few supporinting of documentation online this process in aid of the Disqualification.

  Here is the file, I'll add a few notes below:

  realms                        = internal, adgss                           = false
  
  ad.realm                      = EXAMPLE.COMad.auth                       = ldapad.auth.bindmethod            = digest-md5ad.auth.binddn                = search: sAMAccountNamead.ldap.server                = dc.example.comad.ldap.auth                  = simplead.ldap.user                  = [email protected]                    = testad.ldap.profile               = adsldapad.ldap.prof.defaultusergroup = testgroupad.ldap.prof.useprimarygroup  = false
  

  The kingdoms line indicates that the 'internal' (Disqualification internal users such as dnadmin) Kingdom and the Kingdom of AD should be used.  Once you are satisfied with the integration of ads you can remove the internal domain and use AD exclusively.  The domain property sets the name of the field AD - here I used EXAMPLE.COM.

  The server property sets the DNS name of the AD server.  If omitted, it is looked up in the DNS.

  The lines of the user and pw are used to connect to AD Disqualification.

  The defaultusergroup line is the name of a LDAP group that contains all users who will use the Disqualification.  The default value for this is domain users that contains usually much too many users.

  Once it is setup and working, you can go to Setup user Disqualification and see a link to external groups that attach ad with Disqualification groups groups to assign permissions to users.

  I hope this helps.

  Richard

• Open migration to Active Directory directory Windows vs Mac

  OK, so I help my old school to their IT needs, because they do not have a person hired for this role.

  Currently, they have a center where the staff use computers based on Windows 10 10 (systems of Core 2 Duo, especially assembled; all about 3 years) connected to a Windows 2008 Server (from Dell; about a year). As the institution wishes to expand the computers available to their staff (from 90), my suggestion was to move to Mac (probably 11 '' MBAs), with a MacBook Pro 15 "is the duty of the server.

  This migration can be done in one shot and would happen progressively (probably MBAs purchased each year for the next four years, 20-25).

  The current configuration is that there is a local + Admin user configured on each of the 10 Windows PC - based, with all personnel having access to the user not local administrator.

  In order to facilitate the management, I would like to move to the logons on the network, as we begin our migration to a Mac OS environment.

  Should we configure AD on Windows Server and bind it as MBAs, and when to buy us, with the final being the MBP 15 "for server-buying functions, or is it possible we can get the MBP 15" now and use Open Directory and binding the existing 10 10 Windows-PC with the macOS Server?

  NOTE: The school operates Google Apps, and all employees have a Google Apps account with a custom domain name.

  You can't link PCs to Open Directory without using 3rd - Party (page). In addition, depending on the operating system will not work reliable? You'd have to trial it first. Beyond bond and provide a home folder there will be nothing else. No management, no policies etc Open Directory to your PC.

  Support way to achieve this is to use Active Directory and complete with OD to manage your estate of mac only. Again, you can apply GPOS for Mac without 3rd - Party help which can be very expensive.

  Not that it's something that you would consider - although you could do? It may be preferable to go ' all the mac "If your intention is to switch to Mac OS. If your PC using the software that is available only for PCs consider using virtual machines on your Mac to keep this aspect of the school.

  My 2 p

• Password locking Active Directory - Apple ID

  In my office, we have three Macbooks linked to the Active Directory domain and all the three machines to meet the same problem. On all three machines, we use different local Admin, Mobile AD managed accounts. Accounts use private Apple ID in Itunes and App store. All three accounts have experienced what seemed to be random AD accounts locks.

  We have managed to limit somewhat through troubleshooting a problem with Apple ID and keychain.

  Users, initially created their Apple ID with their e-mails and the company when they connect to their Apple App Store ID they get locked out AD almost immediately.

  After they changed their Apple ID to their private emails, they got locked out AD whenever they tried to authenticate more than 5 times on App Store (or any where else some application requires Apple ID). Even if their identity papers have absolutely nothing to do with their usernames and passwords AD account. Somehow Apple ID or key ring tries to authenticate against AD. Whenever you enter the password wrong or correct it increments the counter "badpwdcount" of 1. If you try to authenticate five or repeatedly, causes it to lock the user of the AD because of the "5 bad passwords GPO" in AD.

  Even if the user enters a password valid, it always raises the 1 meter. If the user authenticates Apple ID with its business e-mail the lockout is immediate, which would mean the Apple itself ID forces on AD in quick succession or done something that causes lock it the user to use the e-mail AD and move. Is not question even if the pass is the same on the AD and Apple ID.

  Can you suggest what newspapers should happen to us AD to eventually find the reason that newspapers we checked that no information. Even the attribute which must display the name of the computer where the lockout was made has no information.
  We know when the lockout occur and we manage to avoid them but we would like to know why they happen. Why Apple ID, or Keychain has something to do with authentication on AD.

  We have studied this issue widely on the Interwebs and found no information that we could carry on. Locking issues revolve around a few old passwords stored on IPad and other similar positions only here on communities are way back in 2007. None of this information relates to our AD locking problems.

  We even did some heavy troubleshooting with certificates, but nothing helped.

  Someone else has the same or similar problems?

  I run several Mac Pro and Macbook Pro (El Capitan OS X 10.11.5 & 10.11.6) with the mobile AD accounts and links AD back to the domain AD WIN2012R2 server, where connection system is different from the apple ID used to access the apple store/itunes and have no problem with locked out as you describe.

  I've known a lot of problems but with "compatibility between previous versions of Mac OS X (Mavericks and Yosemite)" with WINSBS2003 then WIN2008 Server OS. Do not know what is the relationship of platform (OS X to WIN) of the software you have.

  I have found many problems have been fixed just by signing on iCloud, restart the MAC then sign in iCloud, don't know if doing the same thing could help you. The offender has generally been OS X, especially after an upgrade.

  Are your Mac related to AD, but search LDAP and NIS or too? This was one of my problems with WIN2008 and Nonconformists.

• Replication Active Directory for ReadyNas

  After you create a security group in Active Directory, how long should I wait before I can see this group when you use the ReadyNas interface? I created a group via AD but when I search for it through the ReadyNas interface is not appear after 10 minutes so far.

  Hi prcist,

  Please confirm that the problem has been resolved. Please continue to ask questions, share ideas and suggestion in the community.

  Kind regards

  BrianL
  NETGEAR community

• Can I use active directory to validate users?

  Hello

  Is it possible to link Active Directory users Teststand?

  I want to do because it allows the user to use their journal same password for the PC.

  Kind regards

  Shakeel

  
  

• Active directory Migration from Windows Server 2003 to Windows server 2012

  Hi all

  Currently, I use the windows Server 2003 R2 Enterprise SP2 with AD, DNS and DHCP server. I want migration of these services to new fresh Windows Server 2012 R2 Standard machine. I migrate to active directory after this statement: http://social.technet.microsoft.com/wiki/contents/articles/22249.migrate-active-directory-from-windows-server-2003-r2-to-windows-server-2012-r2.aspx, he gets with success, but the IP configuration on the source server not migrated to the destination server. So, all of you know that why the source server IP configuration cannot migrate to the destination server?

  Help please give me an advice.

  Thank you

  Hello

  Post your question in the TechNet Server Forums, as your question kindly is beyond the scope of these Forums.

  http://social.technet.Microsoft.com/forums/WindowsServer/en-us/home?category=WindowsServer

  TechNet forums:

  https://social.technet.Microsoft.com/forums/en-us/home

  MSDN forums:

  https://social.msdn.Microsoft.com/forums/en-us/home

  See you soon.

• Active Directory user profile question

  I have a weird problem.  I use two server Remote Office Server R2 2012 with roaming profiles.  If I create a new user profile in active directory all works fine.  I had a situation where I had to remove a user profile for cause of termination.  He was rehired after 3 days.  I created a new profile with the same username as before.  Now, when the user connects, they are logged in a temporary profile.  There is no .bak profile lists on with rds server.  Event files give a 1521 event ID Windows cannot locate the server copy of your roaming profile and is trying to connect you with your local profile. Changes to the profile will not be copied to the server when you log off. This error can be caused by network problems or insufficient security rights.

  DETAIL - access is denied.

  and 1511 Windows cannot find the local profile and connects you with a temporary profile. Changes to this profile will be lost when you log out.

  I thank in advance for your suggestions.

  Hello

  Post your question in the TechNet Server Forums, as your question kindly is beyond the scope of these Forums.

  http://social.technet.Microsoft.com/forums/WindowsServer/en-us/home?category=WindowsServer

  See you soon.

• Active Directory - join the domain for multiple devices

  Hi all

  I need your expertise to advice me how join domain for multiple devices.

  Currently my organization have more than 10,000 computers are made up of Windows XP, 7, 8 and 10.

  We will deploy new Active Directory server in the data center.

  Currently, we plan to go every computer/devices to perform a field joints. This method will take much time to complete the 10,000 devices.

  is there another method to do this?

  is there a method that all devices will join automatically field when it is connected to the corporate network.

  Thank you.

  Hello

  Post your question in the TechNet Server Forums, as your question kindly is beyond the scope of these Forums.

  http://social.technet.Microsoft.com/forums/WindowsServer/en-us/home?category=WindowsServer

  See you soon.

• Active Directory certificate services installation failed with the following error: unknown mapping algorithm. 0 X 80091002 (-2146889726 CRYPT_E_UNKNOWN_ALGO)

  Hello

  I installed the role of CA of the authority in the installation, I want to use the existing root certificate when I try to import this certificate .pfx, that I have this error

  Active Directory certificate services installation failed with the following error: unknown mapping algorithm. 0 X 80091002 (-2146889726 CRYPT_E_UNKNOWN_ALGO)

  Anyone know what's wrong

  Thanks for help.

  This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)
  *

  http://social.technet.Microsoft.com/forums/en-us/home s/fr-U.S./Accueil
  http://social.msdn.Microsoft.com/Forum
  
  
  If you give us a link to the new thread we can point to some resources it

• Can I run Backup Server (Symantec BackupExec), accounts (fast book) on the single domain Active Directory server software

  Dear all,

  I am under domain, Active Directory and the backup server (Backup Exec) and called to account quick book on the same server.

  Does make all the problems? Kindly looking for answers.

  Hello

  Post your question in the TechNet Server Forums, as your question kindly is beyond the scope of these Forums.

  http://social.technet.Microsoft.com/forums/WindowsServer/en-us/home?category=WindowsServer

  See you soon.

• Installation of the Active Directory Management Gateway Service

  Help!

  I tried to install this on one of my Dc Windows 2003 Service Pack 2, Dot Net 3.51 and the necessary of KB. I desperately need the cumulative hotfix package that is mentioned in this article (https://support.microsoft.com/en-gb/kb/969166), so I can complete the installation. I desperately need this and sent by e-mail to Microsoft, but don't think I'll hear in the necessary time scale. I could cure it by installing dot net 4, but the company will not authorize the change this year. I wrote a powershell scripts to automate migration and don't have the time or skills to do it again in VB by Monday, any help gratefully received

  I get the following error message-question

  When you try to install the Active Directory Management Gateway service, the installation fails with the error "update does not apply to your system".

  This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)
  *
  http://social.technet.Microsoft.com/forums/en-us/home s/fr-U.S./Accueil
  http://social.msdn.Microsoft.com/Forum

• Connection error Active Directory Windows Server R2 2012

  Hello

  That's my problem, I have two servers both running Windows Server R2 Datacenter 2012 I installed AD - DS on one of them and allow the installation to configure the DNS settings, this server is also a DHCP server. On the server I want to connect to AD, I address DNS pointing to my AD server which is 192.168.1.60 and it's also getting an IP address from the DHCP server. But it connects to Active Directory, when I try the ping command on the domain name which is yewman.email he's trying pings an external IP address (which is my public ip address because I also have the yewman.email of real estate) how to fix this? It's the mistake of connection AD:

  Note: This information is intended for a network administrator.  If you do not have your network administrator, notify the administrator that you have received this information, which has been recorded in the C:\Windows\debug\dcdiag.txt file.

  The following error occurred when DNS was questioned about the resource record (SRV) service location used to locate an Active Directory (AD DC) domain controller for the domain "yewman.email":

  The error was: "the DNS name does not exist."
  (0x0000232B RCODE_NAME_ERROR error code)

  The query was for the SRV record for _ldap._tcp.dc._msdcs.yewman.email

  Common causes of this error are:

  -The DNS SRV records to locate an AD DC for the domain are not registered in DNS. These records are automatically saved with a DNS server when an AD domain controller is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

  192.168.1.60

  -One or more of the following areas do not include delegation to its child zone:

  yewman.email
  E-mail
  . (the root zone)

  This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)
  *
  http://social.technet.Microsoft.com/forums/en-us/home s/fr-U.S./Accueil
  http://social.msdn.Microsoft.com/Forum