Setting Up Server
Administrator Active Directory Objects For Multiple Domain
To set up
the objects for this multiple domain scenario, perform the following
tasks:
- Ensure that the domain forest function is in Native mode.
- Create two Association Objects, AO1 and AO2, in any domain.
The figure shows the objects in Domain1.
- Create two Server Administrator Products, sys1 and sys2,
to represent the two systems. sys1 is in Domain1 and sys2 is in Domain2.
- Create two Privilege Objects, Priv1 and Priv2, in which
Priv1 has all privileges (Administrator) and Priv2 has Login privileges.
- Group sys2 into Group1. The group scope of Group1 must
be Universal.
- Add User1 and User2 as Members in Association Object 1
(AO1), Priv1 as Privilege Objects in AO1, and both sys1 and Group1
as Products in AO1.
- Add User3 as a Member in Association Object 2 (AO2), Priv2
as a Privilege object in AO2, and Group1 as a Product in AO2.
NOTE: : Neither
of the Association objects needs to be of Universal scope.
Data is not available for the Topic