/
ECMToolbox v4.3.0.8 - MultiDomain Setup

ECMToolbox v4.3.0.8 - MultiDomain Setup

Owned by Taylor Treece (Unlicensed)
Last updated: May 15, 2022
2 min read

This guide will document necessary assumptions and requirements if you would like to set up your ECMT install to authenticate for users across two different Active Directory (AD) domains.

Assumptions

  1. You are only wanting to use ECMT across two different Active Directory domains.

  1. Proper network connectivity is available between the Domain Controller(s) in both domains, and they can communicate as needed.

  1. We will refer to the main domain that will host the ECMT application as AD1.

  1. We will refer to the guest/user-only domain that will be accessing ECMT as AD2.

  1. You cannot have two users from the different domains with the same username. For example, there cannot be a “jsmith” in AD1 and also a “jsmith” in AD2.

Requirements

AD1 will need to have the ECMT application installed and configured with AD Sync via Admin -> System Settings -> Active Directory Settings. Once installed and configured, a Two-Way Trust will need to be established between AD1 and AD2.

This can be accomplished utilizing Active Directory Domains and Trusts from a domain controller on AD1.

DNS will need to be properly configured between AD1 and AD2 to ensure that users from AD2 are able to access the ECMT Server that is hosted in AD1 via its hostname or FQDN, depending on your DNS.

Once DNS is configured properly the last thing you will need to do is create the group that will contain users from both domains.

 

The group must be created on AD1, and will need to have the following settings:

·         Group Scope: Domain local

·         Group Type: Security

If the Two-Way Trust has been setup properly, you should be able to add users/groups from both AD1 and AD2 to this group. The groups that are created in each domain for the users must be of the following settings:

·         Group Scope: Universal

·         Group Type: Security

Once users/groups from both domains have been added you will select this group to be synced to your ECMT Group under User Groups -> Select your ECMT Group -> Edit -> Active Directory Synchronization Group.

Users from both domains should be synced automatically as ECMT users if they are a part of the AD Synchronization Group.

Example Group Setup

 

Related content

ECMToolbox MultiDomain Setup Requirements
ECMToolbox MultiDomain Setup Requirements
CASO Help Center Articles
More like this
ECMT - Add User from an Authentication Provider
ECMT - Add User from an Authentication Provider
CASO Help Center Articles
More like this
ECMToolBox AIM- Secure Connections
ECMToolBox AIM- Secure Connections
CASO Help Center Articles
More like this
ECMToolbox Active Directory Group Synchronization
ECMToolbox Active Directory Group Synchronization
CASO Help Center Articles
More like this
ECMToolBox Workflow - Secure Connections
ECMToolBox Workflow - Secure Connections
CASO Help Center Articles
More like this
Logging into ECMToolbox Workflow
Logging into ECMToolbox Workflow
CASO Help Center Articles
More like this

Copyright © CASO Document Management

All product names, logos, brands, and trademarks featured or referred to on this page are the property of their respective trademark holders. These trademark holders are not affiliated with, nor do they sponsor or endorse this website or the products/services offered unless explicitly stated otherwise.