topic Re: Identity collector account across domain Trust? in Firewall and Security Management

Identity collector account across domain Trust?

Richard_Farnham — Wed, 11 Sep 2019 15:08:30 GMT

Hello I can't figure out, how to use an account in another domain to access the logs on a DC with Identity Collector. We have one main company AD forest and some domains outside with bidirectional domain trust, say -> main domain: company.biz -> some domain: other.biz other.biz is not in the same forest as Company.biz, however there is a domain trust in both directions. Now if I use an account in other.biz to access the DC of other.biz, everything works fine. But no matter how I enter an account of company.biz there always is an auth. failure (tried company\account , company.biz\account, account@company.biz). Account is member of [Event Log Readers] group in other.biz. What am I missing here (every idea welcome)??

Re: Identity collector account across domain Trust?

PhoneBoy — Wed, 11 Sep 2019 20:44:16 GMT

Why is it's not acceptable to use an account from other.biz to pull logs from other.biz?

Re: Identity collector account across domain Trust?

Richard_Farnham — Fri, 13 Sep 2019 07:59:36 GMT

Well, this will be our workaround? Its main drawback is administrative overhead: in my case there is a bunch of bidirectionally trusted external domains, which then each requires a own account with own pwd Change and maybe different conventions in naming/pwd complexity.. . And there is in fact no technical reason that prohibits the use of one central account.

Re: Identity collector account across domain Trust?

PhoneBoy — Fri, 13 Sep 2019 18:12:19 GMT

It was a question, that's all.
Not sure it's a limitation specifically, but maybe @Royi_Priov can comment.