Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 5 subscribers
  • Views 4857 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

STAS function for same login user name in root and child domain and same subsets

MurMan

 Hi All,

 

I need to test the STAS function with the environment is that 1 SG310 (firmware 9.413) work with root domain (acb.com) and child domain (child.abc.com); both domains are same subnets, let say 192.168.1.0/24.  Install STAS controller and agent in Root AD and agent role in child AD already.

If we have 2 users and same login name but different password, for example Root domain user: oscart, Child domain user: oscart. After prefetch 2 domains (Definitions Users --> Authentication Services --> Advanced) in SG310. It shows the root user (oscart) only in User and Groups. 

How can I show the 2 users in "User and Groups? Because 2 users need to control by 2 different web filtering policy.

 

Thanks and Regard,

Murphy

 



This thread was automatically locked due to age.
Parents
  • 0

    Objects must be unique, so unless you can configure one of the STAS to use fully qualified names, you are out of luck.

    I do not use STAS, but do have multiple domains.   I use AD  SSO for the primary domain and LDAP for the others.  AD SSO uses unqualified names, snd this is not configurable.  So I configured LDAP to use fully qualified names.  

    There are functional differences between STAS and the otber methods   STAS is good for user-based firewall rules.   AD SSO and/or LDAP are needed for remote access.   For more info on  using LDAP, see my post in the WIKI

Reply
  • 0

    Objects must be unique, so unless you can configure one of the STAS to use fully qualified names, you are out of luck.

    I do not use STAS, but do have multiple domains.   I use AD  SSO for the primary domain and LDAP for the others.  AD SSO uses unqualified names, snd this is not configurable.  So I configured LDAP to use fully qualified names.  

    There are functional differences between STAS and the otber methods   STAS is good for user-based firewall rules.   AD SSO and/or LDAP are needed for remote access.   For more info on  using LDAP, see my post in the WIKI

Children
No Data