Search

GlobalSCAPE Knowledge Base

Can EFT Server/Secure FTP Server pull Active Directory users from multiple domains?

9 Years Ago
Karla Marsh
EFT

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT Server v6 and later
  • Secure FTP Server

QUESTION

Can EFT Server/Secure FTP Server pull Active Directory users from multiple domains by specifying only the domain in which the Server resides?

ANSWER

When you configure Sites in EFT Server, you specify which type of database to use for user authentication. If you choose Windows Active Directory (NTLM/AD) Authentication, you point EFT Server to a Primary Domain Controller (PDC) and a group on that AD controller. EFT Server queries the domain controller, adds all domain users to the Site tree, and assigns permissions to users from the user database. Any user that exists in the group on the AD controller can be valid users in EFT Server. If the AD administrator can define users in the group that come from other domains, then those users should also be available to EFT Server. EFT Server supports the listing of user accounts and login authentication for accounts that reside in remote AD domain groups referenced by an AD universal group. EFT Server only supports accounts that reside in groups that are from the same domain as the universal group. EFT Server supports traversal of the remote groups referenced by a universal group. The recursive traversal of groups and subgroups that exist in EFT Server are supported and unaffected by the ability to support users in remote groups that are referenced by a local universal group.

Terminology:

One or more domains that share a common schema and Global Catalog are referred to as a forest. In a forest, users in one domain tree can gain access to resources in the other trees, the Global Catalog incorporates object information for the entire forest, and the Active Directory schema applies to the entire forest.

  • domain local group: a security or distribution group that can contain universal groups, global groups, other domain local groups from its own domain, and accounts from any domain in the forest.
  • global group: a group that can be used in its own domain, in member servers and workstations of the domain, and in trusting domains.
  • universal group: a security or distribution group that contains users, groups, and computers from any domain in its forest as members.

Refer to KB10542 for more information.

Share Article

On a scale of 1-5, please rate the helpfulness of this article



Not Helpful
Very Helpful
Optionally provide additional feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: 9 Years Ago
Last Modified By: kmarsh
Type: FAQ
Rated 2 stars based on 20 votes.
Article has been viewed 18K times.
Options
Print Article
Export As PDF
Also In This Category
Customer Support Software By InstantKB 2020 Final
Execution: 0.000. 7 queries. Compression Disabled.