I am struggling to get a single instance of vCO set up so that:
A. Users from any of our domains can authenticate to vCO.
B. The AD plugin can interact with any of our domains.
First I will explain a little about our domain structure as I understand it (I am no expert when it comes to this stuff). Our AD admins tell me we have a peer domain structure. They have assisted me in setting up our authentication section of vCO and say that it should be seeing all users in all domains if the client is built with .NET tools. If the underlying client is using typical LDAP then I would need to configure it to point to a specific peer domain. When I point everything to the root I get a configuration error saying it sees no users, so I am going to assume the underlying client is not built upon .NET. I attempted to use SSO instead of LDAP as the authentication type but this seems to break the AD plugin. I started getting some strange errors... I am still doing some testing to confirm this is true but a quick test seems to confirm it.
The plugin also seems to exhibit the same behavior where I can only see one domain as opposed to all of our domains. Whenever I configure it to point to the root domain instead of one of the sub or peer domains I get nothing. Does anyone have advice on this? I don't want to have multiple vCOs just to support some basic AD interactions and authentication. At the moment I am seeing no alternative, and this will make for a very complex vCO layout and confusion for the people that need to use it.
Paul