How can the SQM website authenticate users in more than one domain?


This article applies to:

  • Trustwave MailMarshal (SEG) 6.7 and above 
  • Trustwave ECM/MailMarshal Exchange 7.X
  • Spam Quarantine Management or Quarantine Management website

Question:

  • How can the SQM website authenticate users in more than one domain?
  • How can the SQM website retrieve email address information for users in more than one domain?

Procedure:

The Spam Quarantine Management (or ECM Quarantine Management) website uses the MailMarshal Array Manager to perform Active Directory lookups.

To allow the Spam Quarantine Management website to authenticate users from multiple Active Directory domains, ensure that the MailMarshal Array Manager service is running under a domain account with the appropriate permission to access objects in Active Directory.

The Active Directory domains must be configured with two-way trust.

To preserve other functions of the Array Manager service, use an account that is a member of the Administrators group on the Array Manager server.

Notes:

  • The Array Manager runs by default using the Local System account. This account does not have permission to access objects from other domains.
  • Versions of MailMarshal SMTP before 6.7 do not include this functionality.
    • In earlier versions, where there is two way trust the users may be able to log in, but email addressses will not be retrieved.
    • There is no workaround for the earlier versions; upgrade is required. 

Last Modified 3/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle12902.aspx