Home Analyst Portal

Cache Builder Error by cross domains

Philipp_SchäferPhilipp_Schäfer Member IT Monkey ✭
Hello community,

i got following error if i restart the Cache Builder Service:
System.DirectoryServices.AccountManagement.PrincipalOperationException: Information about the domain could not be retrieved (1355).
   at System.DirectoryServices.AccountManagement.Utils.GetDcName(String computerName, String domainName, String siteName, Int32 flags)
   at System.DirectoryServices.AccountManagement.SDSCache.GetContext(String name, NetCred credentials, ContextOptions contextOptions)
   at System.DirectoryServices.AccountManagement.ADStoreCtx.ResolveCrossStoreRefToPrincipal(Object o)
   at System.DirectoryServices.AccountManagement.ADUtils.DirectoryEntryAsPrincipal(DirectoryEntry de, ADStoreCtx storeCtx)
   at System.DirectoryServices.AccountManagement.ADDNLinkedAttrSet.get_CurrentAsPrincipal()
   at System.DirectoryServices.AccountManagement.FindResultEnumerator`1.get_Current()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Cireson.CacheBuilder.Service.Util.AdUtil.GetMembers(GroupPrincipal groupPrincipal)


This only happens if i add specific groups from a sub-domain of another forest. To be more clear:
I have to forest domain, each has some sub-domains. I want to add all users to the EndUser Role in SCSM and inside Cireson Portal. The AD Group inside the EndUser Role is a domain local group of the domain where the SCSM is installed.

Inside this group are global groups for each sub-domain. The cache builder works with all groups of the SCSM domain and the sub-domains and also with the root domain of the other forest. But each sub-domain group of the other forest create this error.
Between the root domains of each forest i configured a forest trust.

Do you have any idea?

Best Answer

  • Philipp_SchäferPhilipp_Schäfer Member IT Monkey ✭
    Answer ✓
    I do not know why this is not working but if if map the groups of the subdomain to an universal group of the root domain of the other forest, which i map to my EndUser AD Group of SCSM domain, it works.

Answers

  • Philipp_SchäferPhilipp_Schäfer Member IT Monkey ✭
    Answer ✓
    I do not know why this is not working but if if map the groups of the subdomain to an universal group of the root domain of the other forest, which i map to my EndUser AD Group of SCSM domain, it works.

Sign In or Register to comment.