Unable to Connect to to Second AD with "Guest" user

General help on how to use Cerberus. Questions on how a particular feature works, how to use feature x with feature y... Please read the "How to use this forum" article before posting.
Post Reply
rand0med
Posts: 2
Joined: Fri Apr 20, 2012 12:26 pm

Unable to Connect to to Second AD with "Guest" user

Post by rand0med » Fri Apr 20, 2012 12:34 pm

Hello,

We're currently deploying Cerberus FTP Enterprise throughout our organization and for Political Reasons we run 2 AD Domains between us and our Parent Company.

We have the 1st domain that we control hooked in with no issue and everyone who has been using it thus far has said it is great, and we are anticipating our parent company employees will want the same experience.

However, when we try to connect Cerberus FTP to the parent AD, we get the error: "Unable to retrieve "Guest" account: The user does not have access to the requested information".

After doing some searching, it seems Cerberus FTP attempts to get "read"information from the AD via the Guest account, which our parent company has disabled for security reasons. Is it possible to have Cerberus do the look-up from another account? We have an account in their AD Domain with Read/write Permissions but I do not see anywhere to change this behavior.

Thanks for your time.

User avatar
Serin
Site Administrator
Posts: 1785
Joined: Sat Jan 01, 2005 6:57 pm
Location: United States
Contact:

Re: Unable to Connect to to Second AD with "Guest" user

Post by Serin » Sun Apr 22, 2012 11:02 am

Hello,

One of the first things Cerberus checks for is that the Guest account is disabled. AD authentication won't work correctly when the Guest account is enabled. Cerberus is just trying to lookup details about that account to make sure it is disabled. It sounds like that initial check is failing because of permission problems with the account Cerberus is running under.

There are two issues to be aware of here. The actual Cerberus FTP Server Windows Service is usually running under the Local System account. When you start the Cerberus GUI to administer the server then the GUI is started under whatever account the logged in user is using and connects to the underlying Cerberus Windows Service.

The account you started the GUI under might not have permission to query the parent domain which is why you are getting that error. However, if the underlying Local System account has permission then everything will be ok when the user actually tries to connect and authenticate with the Cerberus Windows Service.

In summary, make sure the account the Service is running under (default is the Local System account) and the account you start the GUI from are both able to query the parent domain.

wawa
User
Posts: 16
Joined: Thu Dec 07, 2017 9:13 am

Re: Unable to Connect to to Second AD with "Guest" user

Post by wawa » Fri Feb 02, 2018 8:22 am

hello

how can i delete this message ?
Unable to retrieve "Guest" account: The user name could not be found


ty

pacman
Senior User
Posts: 187
Joined: Thu Apr 28, 2016 1:54 pm

Re: Unable to Connect to to Second AD with "Guest" user

Post by pacman » Wed Feb 07, 2018 9:58 am

wawa.

It basically means there is no account named Guest in your domain. Have you renamed the default Guest account?
The machine is a member of the domain, right?
Have you renamed the Guest account, or is it called something different on your version of Windows?

wawa
User
Posts: 16
Joined: Thu Dec 07, 2017 9:13 am

Re: Unable to Connect to to Second AD with "Guest" user

Post by wawa » Mon Feb 12, 2018 3:52 am

hello

Yes, in my domain, the guest account is disable

what should I do?

thank you!

wawa
User
Posts: 16
Joined: Thu Dec 07, 2017 9:13 am

Re: Unable to Connect to to Second AD with "Guest" user

Post by wawa » Mon Feb 12, 2018 4:41 am

i found a solution
need to create a user named "Guest" in my AD. (desactivate of course)
In french the user named "Invité" is not enough

Post Reply