(Cloud) The Cloud auth connector (BCCA) cannot see all the domains in a forest

Solutions ID:    KB4986
Version:    2.0
Status:    Published
Published date:    03/09/2012
Updated:    03/09/2012

Problem Description

The Cloud auth connector (BCCA) cannot see all the domains in a forest
It only sees the domains that have a direct trust relationship with the domain that the BCCA user is installed on
Domains with an indirect trust relationship are not found
Users from those other domains are not being returned and populated into the Cloud for policy creation purposes
Problem exists in the Authentication connector version 1.3.2000.442789 or earlier.


The problem has been reported to engineering.  The issue will be resolved in the auth connector that ships with Cloud 3.0, if and when Cloud 3.0 ships.  If you need this before 3.0 ships, please contact Blue Coat Technical Support and reference this KB article number.

The issue arises when there is an indirect trust relationship between the domain where the auth connector user is installed and the other domains in the AD forest.  The auth connector will only see the other domains that have a direct trust relationship to it and to none of the indirect trust domains.  This only affects the population of domain users and groups in the portal for policy purposes.  It does not affect identification of users in the forest, such as for reporting purposes.


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question