When opening Audit Analyzer, or using Audit Manager with a cross-trust user, you may encounter an error that access is denied to the installation, or the installation cannot be found.
Applies to: All versions of Centrify DirectAudit prior to 5.2.3 on all platforms.
When creating a new DirectAudit installation using a cross-trust user, access is denied with a message similar to the following:
Error:- Failed to complete the New Installation Wizard because of an error. Active Directory denied the database access to obtain information about your user account. Please make sure the database is run in a domain user account that has sufficient permissions to access Active Directory.
This behavior can also be observed when a cross-trust user is attempting to access Audit Analyzer belonging to an already-existing cross-trust installation.
This is a known bug in versions of DirectAudit prior to Suite 2015.1 (5.2.3) In the case of a two-way trust environment, this problem will be observed due to an audit installation not existing in the source domain that the user is coming from.
(1) Create an OU anywhere in the cross-trust domain. Assign permissions to your resource domain's DirectAudit administrator to write to this OU.
(2) Open Audit Manager with the user with permissions to the new OU created in step #1
(3) Right-click on DA installation name > 'Properties' > 'Publication' tab
(4) Click on the 'Add' button and select the OU created in step #1. Click 'OK'. This step will publish the installation information into your cross-trust domain.
(5) Try opening Audit Manager/Analyzer once more, as the cross-trust user, and you should be good to go.
This has been resolved in Suite 2015.1 (5.2.3). Rather than throwing an error, you will now be prompted with a dialogue, asking you to choose the correct installation.