Greetings:

There are multiple domains within the organization. For instance:

a. NorthAmerica

b. Europe

c. AsiaPacific

NTLM is being used for authentication. Currently we have a policy that is configured for Northamerica domain users. Following parameters were set for creating this policy:

domain = Northamerica

password = left blank (?)

securityPrinciple = (AdminId on xyz server)

server = xyz server

What I am facing is the following:

a. users from other domain - Europe, etc are not able to logon to xMII application. (Note - user id was created). Log file indicates --

WARN Login - Invalid username or password

ERROR NTDomainLoginModule - jcifs.smb.SmbAuthException: Logon failure: unknown user name or bad password.

ERROR JAASHandler - Could not authenticate

javax.security.auth.login.LoginException: Login Failure: all modules ignored

at com.lighthammer.cas.authentication.security.spi.LHLoginContext.invoke(LHLoginContext.java:676)

Obviously, I need to create other policy that will allow users from other domain to be authenticated using NTLM.

Question:

1] For configuring other domains will it be sufficient to set these parameters? For instance,

domain = Europe

password = left blank (??)

securityPrinciple = (AdminId on xyz server ??)

server = xyz server

2] Is there a way to test this configuration ? .. without having to ask user/s from other domain to logon ?

Any pointers will help. Thanks!

Regards,

Prasanna.