Your Identity and Access Management community: Discover and share best practices for controlling enterprise access.


Running Scheduled Task Script against a Managed Forest

This question is not answered

I currently have a 3 forest environment in which QARS 6.1 is installed in only 1 Forest but has the other 2 as Managed Domains. Each Managed Forest has its own service account.

             ServiceAccount1 - Domain Admin in Forest1

             ServiceAccount2 - Domain Admin in Forest2
             ServiceAccount3 - Domain Admin in Forest3

Each account has no native permisions in any other Forest.

I have a daily scheduled task which runs within each forest. However, this task runs as the service account where Quest Active Roles is installed (ServiceAccount1) and not the service account for the respective forest. Is there a way to force a scheduled task to use a specific account, I do not want to specify an account within the script if possible (due to security issues)...?

Many thanks

All Replies
  • Within your scheduled task, if you are using ARS ADSI Provider to operate with AD, ARS would picks up corresponding target domain credentials. If you operate with target domain directly, using some native API, ARS would not be able to help you here.
  • Thanks Andrei,

    I must stop using the LDAP provider (bit of a bad habit)