Control Center Login fails with Multiple Domain Integration in Symantec Messaging Gateway
Last Updated June 21, 2011
Two different domains have been added in Directory Integration (DI) and Control Center Authentication has been enabled in both sources. After doing so users are not able to log on to their personal quarantine to view their quarantined messages. It is evident that there is no longer a drop down list for selecting domain available in the log in page.
By default the Control Center query will authenticate on both SAM account name and user Principal name for one domain preventing the Control Center authentication to be unique as two different Domains needs to be authenticated.
Customize the Authentication Query in the following way
1. In the DI source - click Authentication - Customize Query
2. Replace the current query with (userPrincipalName=%s) only
3. Enter the user in fqdn format email@example.com and password
4. Click Test Query - it should show 3 green lines with a checkmark saying the query was successful. If so then press Save.
5. Repeat the same for both sources and verify both of the DI sources are enabled.
6. Users should now be able to log on to both domains using their fqdn which is normally the same as their email address firstname.lastname@example.org
Symantec Messaging Gateway 9.0
Symantec Messaging Gateway 9.5.0
Imported Document ID: TECH162795
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe