Unable to Connect to to Second AD with "Guest" user

Home Forums General General Help Unable to Connect to to Second AD with "Guest" user

  • This topic is empty.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #30236
    rand0med
    Participant

    Hello,

    We’re currently deploying Cerberus FTP Enterprise throughout our organization and for Political Reasons we run 2 AD Domains between us and our Parent Company.

    We have the 1st domain that we control hooked in with no issue and everyone who has been using it thus far has said it is great, and we are anticipating our parent company employees will want the same experience.

    However, when we try to connect Cerberus FTP to the parent AD, we get the error: “Unable to retrieve “Guest” account: The user does not have access to the requested information”.

    After doing some searching, it seems Cerberus FTP attempts to get “read”information from the AD via the Guest account, which our parent company has disabled for security reasons. Is it possible to have Cerberus do the look-up from another account? We have an account in their AD Domain with Read/write Permissions but I do not see anywhere to change this behavior.

    Thanks for your time.

    #36439
    imported_Serin
    Participant

    Hello,

    One of the first things Cerberus checks for is that the Guest account is disabled. AD authentication won’t work correctly when the Guest account is enabled. Cerberus is just trying to lookup details about that account to make sure it is disabled. It sounds like that initial check is failing because of permission problems with the account Cerberus is running under.

    There are two issues to be aware of here. The actual Cerberus FTP Server Windows Service is usually running under the Local System account. When you start the Cerberus GUI to administer the server then the GUI is started under whatever account the logged in user is using and connects to the underlying Cerberus Windows Service.

    The account you started the GUI under might not have permission to query the parent domain which is why you are getting that error. However, if the underlying Local System account has permission then everything will be ok when the user actually tries to connect and authenticate with the Cerberus Windows Service.

    In summary, make sure the account the Service is running under (default is the Local System account) and the account you start the GUI from are both able to query the parent domain.

    #36440
    wawa
    Participant

    hello

    how can i delete this message ?

    Unable to retrieve “Guest” account: The user name could not be found

    ty

    #36441
    pacman
    Participant

    wawa.

    It basically means there is no account named Guest in your domain. Have you renamed the default Guest account?

    The machine is a member of the domain, right?

    Have you renamed the Guest account, or is it called something different on your version of Windows?

    #36442
    wawa
    Participant

    hello

    Yes, in my domain, the guest account is disable

    what should I do?

    thank you!

    #36443
    wawa
    Participant

    i found a solution

    need to create a user named “Guest” in my AD. (desactivate of course)

    In french the user named “Invité” is not enough

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.
Close Cart

Shopping Cart