Configuring SoftwareCentral with an untrusted domain

(Configuration has to be done before you install SoftwareCentral in the untrusted domain)

 

Configure SoftwareCentral to support the untrusted domain from within the trusted domain.

(SoftwareCentral might have auto-discovered your domain, in that case you dont have to enter it here.)

 

Start by adding the domain to the Domain table in the SoftwareCentral database.

Just enter the fully qualified domain name in the DomainName column and hit enter. Nothing else has to be done in this table.

 

Next you need to launch the SoftwareCentral website from the trusted domain.

 

Go to Settings/Settings in SoftwareCentral.

 

Open the Domains tab:

Here you will see a list of all your domains. The “Trusted”column represents whether or not there there is trust to this domain.


The trust is relative to which domain you are using. For this interface, we define the trust relationship from the domain the SCCM server is located in.

 

If we consider the example on the first page of this document, Domain 3 would be the only untrusted domain. Domain 1 and 2 would need be check in the checkboxes in the “Trusted”column.

 

A service account is needed in all domains. You can use the standard service account (app-pool user) in all the trusted domains.

In the untrusted domain, a new service account is needed (It has to be the service account running the SoftwareCentral website in the untrusted domain).

 

All user names must be entered in the following format: domain\username

 

Next we go to the SCCM connection in the SoftwareCentral Configuration tab: Note that the remaining steps is not needed for the SoftwareCentral Cloud.

 

 

All server names must be entered as fully qualified.

 

The connection to the SCCM database must use a SQL Login.

Fill in the SCCM Database Connection string as follows:

Server=servername; Database=databasename; User ID=username; Password=password; Trusted_Connection=false;

 

Under SCCM SQL User and Password you must also enter the SQL Login.

 

No passwords have to be manually encrypted here.

Click the save button when you are done. You must disable the Engineering Mode in order to do the installation of the new site.

 

Now a Security Role is needed for the untrusted domain. Create an Administrator role with full access.

You might need to type in the AD-Group name of the administrator group manually in the Create Security Role interface, as the drop-down won’t return any AD-Groups.

 

All other roles in the untrusted domain should be created from SoftwareCentral in the untrusted domain.

 

 

See Also

 

 


© Copyright - SoftwareCentral

https://softwarecentral.cloud/help