Configure SCSM for Cross Forest/Domain Access
I have a requirement for users of another domain to be able to login to the Cireson IT Service Portal using their domain user accounts rather than an account that i have created in my domain.
We have already configured the trust relationship between the two domains, but when creating an AD Connector in SCSM, then configuring it as required, the connector eventually fails with a status of Finished With Error.
The admins of the other domain have provided an account that can be used and have opened a port in their firewall for the SCSM server to query their AD.
Should this account be used for the connector or should we use the existing SCSM_SVCMGR account in our environment?
Should our SCSM_SVCMGR account be configured with permissions within their domain?
Any ideas and assistance would be extremely grateful.
Answers
Try to take a look into Event Viewer\Applications and Services Logs\Operations Manager for connector logs for more details.
Every AD user has read permission so if you created the trust I hope any user from Domain1 including your SCSM_SVCMGR should be able to read user information in Domain2.