Octopus runs in DOMAIN1, users trying to log in are in DOMAIN2. I have tried running Octopus under Local System, and DOMAIN1\serviceaccount as well as DOMAIN2\serviceaccount.
When running under DOMAIN1 service account only user accounts in DOMAIN1 can log in and I cannot add users from DOMAIN2.
When I try to run under DOMAIN2 service account Octopus will not start.
I have created an account with same name and password in both domains to try and remedy the problem to no avail.
I have another application on the same server running under DOMAIN2\serviceaccount which can successfully authenticate DOMAIN2 users.
Could it be because the new service account doesn’t have permissions in RavenDB that the service fails to start? (Even though the account is local admin)
Octopus will work with multiple AD domains IF they have their trust configured correctly. Is there any reason you are running Octopus under the domain that isn’t where the users are?
The errors as to why the service isn’t starting should be found in c:\Octopus\Logs
You can also attempt to define the AD container that octopus should use and it might help: http://docs.octopusdeploy.com/display/OD/Specifying+a+custom+container+to+use+for+AD+Authentication
I can’t get OD to work with multiple domains still, I don’t have a real trust between the domains but I do have shadow accounts setup (identical service accounts with same password in both domains) and it still doesn’t work. Is this practice not supported by OD?
Did you attempt to define the container?
Can you provide the Octopus logs to see if we get any specific errors?
Do you get a specific error message and can you provide a screenshot?
I did not try the container, is there a command to retrieve the current container string so that I can easily retract my change should it cause any issues?
When you run this command, it adds a line to your OctopusServer.config (c:\Octopus\OctopusServer\OctopusServer.config) such as
So if you want to remove it after you can delete that line directly from the config.