Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5903: Access denied to audit installation with cross-trust user

12 April,16 at 11:46 AM

Applies to: All versions of Centrify DirectAudit prior to 5.2.3 on all platforms.

Problem:

When creating a new DirectAudit installation using a cross-trust user, access is denied with a message similar to the following:

Error:- 
Failed to complete the New Installation Wizard because of an error. Active Directory denied the database access to obtain information about your user account. Please make sure the database is run in a domain user account that has sufficient permissions to access Active Directory. 


This behavior can also be observed when a cross-trust user is attempting to access Audit Analyzer belonging to an already-existing cross-trust installation. 


Cause:

This is a known bug in versions of DirectAudit prior to Suite 2015.1 (5.2.3)
In the case of a two-way trust environment, this problem will be observed due to an audit installation not existing in the source domain that the user is coming from. 


Workaround:

(1) Create an OU anywhere in the cross-trust domain. Assign permissions to your resource domain's DirectAudit administrator to write to this OU. 

(2) Open Audit Manager with the user with permissions to the new OU created in step #1

(3) Right-click on DA installation name > 'Properties' > 'Publication' tab

(4) Click on the 'Add' button and select the OU created in step #1. Click 'OK'. This step will publish the installation information into your cross-trust domain.

(5) Try opening Audit Manager/Analyzer once more, as the cross-trust user, and you should be good to go.


Resolution:

This has been resolved in Suite 2015.1 (5.2.3). Rather than throwing an error, you will now be prompted with a dialogue, asking you to choose the correct installation.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.