Page 1 of 1

Unable to Connect to to Second AD with "Guest" user

Posted: Fri Apr 20, 2012 12:34 pm
by rand0med
Hello,

We're currently deploying Cerberus FTP Enterprise throughout our organization and for Political Reasons we run 2 AD Domains between us and our Parent Company.

We have the 1st domain that we control hooked in with no issue and everyone who has been using it thus far has said it is great, and we are anticipating our parent company employees will want the same experience.

However, when we try to connect Cerberus FTP to the parent AD, we get the error: "Unable to retrieve "Guest" account: The user does not have access to the requested information".

After doing some searching, it seems Cerberus FTP attempts to get "read"information from the AD via the Guest account, which our parent company has disabled for security reasons. Is it possible to have Cerberus do the look-up from another account? We have an account in their AD Domain with Read/write Permissions but I do not see anywhere to change this behavior.

Thanks for your time.

Re: Unable to Connect to to Second AD with "Guest" user

Posted: Sun Apr 22, 2012 11:02 am
by Serin
Hello,

One of the first things Cerberus checks for is that the Guest account is disabled. AD authentication won't work correctly when the Guest account is enabled. Cerberus is just trying to lookup details about that account to make sure it is disabled. It sounds like that initial check is failing because of permission problems with the account Cerberus is running under.

There are two issues to be aware of here. The actual Cerberus FTP Server Windows Service is usually running under the Local System account. When you start the Cerberus GUI to administer the server then the GUI is started under whatever account the logged in user is using and connects to the underlying Cerberus Windows Service.

The account you started the GUI under might not have permission to query the parent domain which is why you are getting that error. However, if the underlying Local System account has permission then everything will be ok when the user actually tries to connect and authenticate with the Cerberus Windows Service.

In summary, make sure the account the Service is running under (default is the Local System account) and the account you start the GUI from are both able to query the parent domain.

Re: Unable to Connect to to Second AD with "Guest" user

Posted: Fri Feb 02, 2018 8:22 am
by wawa
hello

how can i delete this message ?
Unable to retrieve "Guest" account: The user name could not be found


ty

Re: Unable to Connect to to Second AD with "Guest" user

Posted: Wed Feb 07, 2018 9:58 am
by pacman
wawa.

It basically means there is no account named Guest in your domain. Have you renamed the default Guest account?
The machine is a member of the domain, right?
Have you renamed the Guest account, or is it called something different on your version of Windows?

Re: Unable to Connect to to Second AD with "Guest" user

Posted: Mon Feb 12, 2018 3:52 am
by wawa
hello

Yes, in my domain, the guest account is disable

what should I do?

thank you!

Re: Unable to Connect to to Second AD with "Guest" user

Posted: Mon Feb 12, 2018 4:41 am
by wawa
i found a solution
need to create a user named "Guest" in my AD. (desactivate of course)
In french the user named "Invité" is not enough