How to configure additional Active Directory domains in ADManager Plus

Objective 

This article explains how to configure Active Directory domains in ADManager Plus to enable full use of its capabilities. Proper domain configuration allows you to automate tasks, delegate responsibilities, generate detailed reports, enforce access controls, and streamline identity management across your Active Directory environment—all from a centralized platform.

Prerequisites 

  • ADManager Plus must be installed and accessible.

  • The ADManager Plus server must be joined to the domain or have network access to domain controllers.

  • The service account (or credentials) provided must have read and write permissions in Active Directory.

  • Necessary firewall ports (e.g., 389, 636, 3268, 3269) must be open for LDAP/GC communication.

  • DNS resolution for domain controllers should work correctly from the ADManager server.

Steps to follow 

During startup, ADManager Plus automatically discovers and adds all accessible domains. If you need to add additional domains or modify existing ones, you can do so through the Directory/Application Settings option.

Note: The procedure to add child domains and domains from the same or different forests is identical.

  1. Log in to ADManager Plus using an administrator account.

  2. Navigate to Directory/Application Settings located at the top-right corner of the interface.

  3. Under the Active Directory tab, click the Click here to add a new domain link. This will open the Add Domain Details dialog.

  4. Enter the Domain Name.

  5. In the Add Domain Controllers section:

    • Click Discover Now to automatically locate and add domain controllers using DNS.

    • Alternatively, manually add domain controllers.

    • The domain controller listed first will be considered the primary domain controller. Use the up/down arrows to prioritize the order of domain controllers.

  6. Check the Implement DC Sort Intelligence option to fetch data from the fastest domain controller based on response time. ADManager Plus will automatically adjust the priority order based on the results.

  7. Enter the authentication details of the privileged user account that will be used to communicate with the domain controllers.

  8. Click Add.

 Tips 

  • Use service accounts that follow the principle of least privilege while still having the necessary permissions.

  • Enable Secure LDAP (LDAPS) to ensure encrypted communication between ADManager Plus and your domain controllers.

  • Always use valid, active credentials to avoid synchronization failures.

  • For multi-domain or multi-forest setups, verify that trust relationships are properly configured and accessible from the ADManager Plus server.

  • In multi-domain environments, consider assigning unique credentials for each domain as needed.
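
A preflight for the DNS, port and LDAPS items above, meant to be run on the ADManager Plus server before adding a domain. This is an added example, not ManageEngine's code; the domain name `corp.example.com` is a placeholder, and domain controllers are located through the standard AD SRV record.

```powershell
# Preflight for the DNS, port and LDAPS prerequisites; run on the ADManager Plus server.
# 'corp.example.com' is a placeholder domain name, not a value from the article.
param([string]$Domain = 'corp.example.com')

$ports    = 389, 636, 3268, 3269   # LDAP, LDAPS, Global Catalog, Global Catalog over TLS
$tlsPorts = 636, 3269

# Active Directory publishes its domain controllers as SRV records under _msdcs.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' }

foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
    foreach ($port in $ports) {
        $row = [ordered]@{ DC = $dc; Port = $port; Open = $false; TlsValid = $null; CertExpires = $null }
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            # 3-second connect timeout so a filtered port does not stall the run.
            if ($client.ConnectAsync($dc, $port).Wait(3000)) {
                $row.Open = $true
                if ($port -in $tlsPorts) {
                    # Default validation: the chain must build to a trusted root
                    # and the certificate name must match the DC host name.
                    $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false)
                    try {
                        $ssl.AuthenticateAsClient($dc)
                        $row.TlsValid = $true
                        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
                        $row.CertExpires = $cert.NotAfter
                    } catch {
                        $row.TlsValid = $false   # untrusted, expired or mismatched certificate
                    } finally { $ssl.Dispose() }
                }
            }
        } catch {
            # Connection refused or host name not resolvable: Open stays $false.
        } finally { $client.Close() }
        [pscustomobject]$row
    }
}
```

A row with `Open` true and `TlsValid` false on 636 or 3269 means the port is reachable but the server does not trust the domain controller's certificate, which needs fixing before relying on LDAPS.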
