karthickkumar.shashi

Connecting to AF Server in another Domain or cross Domain

Discussion created by karthickkumar.shashi on Jun 27, 2014
Latest reply on Jul 15, 2014 by oshafie

Hi All,

 

Consider the Following Scenario:

 

AF Client  -System Explorer 2010 is in a Domain say (L4 Domain) with Windows 7 SP1.

 

AF Server 2012 is in another Domain say (L3 Domain) with Windows 2008 Server.

 

L3 and L4 are not trusted domains. (neither one way or two way)

 

Assumptions:

 

AF Service is running as a L3 Domain user service account.

 

Port 5450 and 5457 both are open across the Domain Firewall (confirmed by Telnet from both side).

 

What I am trying to do?

 

Trying to connect to AF Server in the L3 Domain from a AF Client (System Explorer)  in the L4 Domain. By explicitly using Domain credentials of L3 level to connect to PI Systems.

 

What is Happening!!

 

A pop up to enter username and password comes while I try to add a new PI System. Even if I give a correct credentials , It doesn't connect!!!

 

What I Tried to do?

 

I Created two similar local accounts with same username and password  in L3 AF Server Machine and L4 AF Client Machine , Add the new local user to all the AF Groups in the AF Server and granted admin access for the account to PI System security.

 

What I expect!!

 

Just the connection to work :)

 

Have anyone ever tried Cross Domain AF Server connection without trusted Domains!!!, Please suggest me a work around here. 

 

 

 

Thanks & Regards,

 

Karthick

Outcomes